Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
OpenSSL Improper Certificate Validation Vulnerability (CVE-2022-1343)
CVE-2022-1343
CWE-295
Medium
Oracle Database Server Other Vulnerability (CVE-2007-0269)
CVE-2007-0269
-
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-26595)
CVE-2022-26595
CWE-276
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1340)
CVE-2022-1340
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
PHP Other Vulnerability (CVE-2007-1452)
CVE-2007-1452
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26594)
CVE-2022-26594
CWE-707
Medium
PHP Other Vulnerability (CVE-2007-1454)
CVE-2007-1454
-
Medium
WordPress Ultimate Member Plugin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-1209)
CVE-2022-1209
CWE-601
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1208)
CVE-2022-1208
CWE-707
Medium
Moodle Improper Authentication Vulnerability (CVE-2022-0985)
CVE-2022-0985
CWE-287
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2022-0984)
CVE-2022-0984
CWE-863
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1460)
CVE-2007-1460
CWE-264
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)
CVE-2022-0866
CWE-863
Medium
Dolibarr Improper Input Validation Vulnerability (CVE-2022-0174)
CVE-2022-0174
CWE-20
Medium
PHP Deserialization of Untrusted Data Vulnerability (CVE-2007-1701)
CVE-2007-1701
CWE-502
Medium
Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)
CVE-2021-45346
CWE-401
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46144)
CVE-2021-46144
CWE-707
Medium
Apache HTTP Server Other Vulnerability (CVE-2007-1743)
CVE-2007-1743
-
Medium
XWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-7223)
CVE-2006-7223
CWE-264
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28803)
CVE-2022-28803
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-47779)
CVE-2021-47779
CWE-707
Medium
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)
CVE-2021-46784
CWE-400
Medium
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46150)
CVE-2021-46150
CWE-707
Medium
PHP Other Vulnerability (CVE-2007-1824)
CVE-2007-1824
-
Medium
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923)
CVE-2022-28923
CWE-601
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)
CVE-2021-46148
CWE-200
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46146)
CVE-2021-46146
CWE-707
Medium
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-45811)
CVE-2021-45811
CWE-138
Medium
PHP Improper Input Validation Vulnerability (CVE-2006-7243)
CVE-2006-7243
CWE-20
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
CVE-2021-45730
CWE-863
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
CVE-2021-45721
CWE-707
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
CVE-2022-28977
CWE-601
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45474)
CVE-2021-45474
CWE-707
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
CVE-2022-28977
CWE-601
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45473)
CVE-2021-45473
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978)
CVE-2022-28978
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45472)
CVE-2021-45472
CWE-707
Medium
MediaWiki CVE-2021-45471 Vulnerability (CVE-2021-45471)
CVE-2021-45471
-
Medium
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-45452)
CVE-2021-45452
CWE-22
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978)
CVE-2022-28978
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45357)
CVE-2021-45357
CWE-707
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072)
CVE-2021-4072
CWE-707
Medium
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092)
CVE-2021-4092
CWE-352
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-1709)
CVE-2007-1709
CWE-119
Medium
PHP Other Vulnerability (CVE-2007-1711)
CVE-2007-1711
-
Medium
phpMyAdmin Other Vulnerability (CVE-2007-0204)
CVE-2007-0204
-
Medium
Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4231)
CVE-2021-4231
CWE-707
Medium
MediaWiki Uncontrolled Recursion Vulnerability (CVE-2022-28201)
CVE-2022-28201
CWE-674
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28202)
CVE-2022-28202
CWE-707
Medium
MediaWiki Other Vulnerability (CVE-2007-0177)
CVE-2007-0177
-
Medium
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0175)
CVE-2007-0175
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0136)
CVE-2007-0136
CWE-707
Medium
WordPress Other Vulnerability (CVE-2007-0109)
CVE-2007-0109
-
Medium
PHP Other Vulnerability (CVE-2007-1710)
CVE-2007-1710
-
Medium
Python Unchecked Return Value Vulnerability (CVE-2021-4189)
CVE-2021-4189
CWE-252
Medium
WordPress Other Vulnerability (CVE-2007-0107)
CVE-2007-0107
-
Medium
Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)
CVE-2022-28330
-
Medium
PHP Other Vulnerability (CVE-2007-1717)
CVE-2007-1717
-
Medium
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-1741)
CVE-2007-1741
CWE-362
Medium
WordPress Other Vulnerability (CVE-2007-0106)
CVE-2007-0106
-
Medium
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-4183)
CVE-2021-4183
CWE-125
Medium
phpMyAdmin Other Vulnerability (CVE-2007-0095)
CVE-2007-0095
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378)
CVE-2022-28378
CWE-707
Medium
OpenSSL CVE-2021-4160 Vulnerability (CVE-2021-4160)
CVE-2021-4160
-
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121)
CVE-2021-4121
CWE-707
Medium
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117)
CVE-2021-4117
CWE-20
Medium
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
CVE-2022-28614
-
Medium
OpenSSL Other Vulnerability (CVE-2006-7250)
CVE-2006-7250
-
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4116)
CVE-2021-4116
CWE-707
Medium
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111)
CVE-2021-4111
CWE-20
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4107)
CVE-2021-4107
CWE-707
Medium
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-4782)
CVE-2007-4782
CWE-94
Medium