Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3733)
CVE-2021-3733
CWE-400
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3002)
CVE-2022-3002
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3004)
CVE-2022-3004
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3005)
CVE-2022-3005
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40214)
CVE-2021-40214
CWE-707
Medium
Dolibarr Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3991)
CVE-2021-3991
CWE-639
Medium
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)
CVE-2021-3964
CWE-639
Medium
WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-3361)
CVE-2022-3361
CWE-22
Medium
OpenVPN AS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3824)
CVE-2021-3824
CWE-707
Medium
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3785)
CVE-2021-3785
CWE-707
Medium
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3783)
CVE-2021-3783
CWE-707
Medium
WordPress Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-3590)
CVE-2022-3590
CWE-367
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3765)
CVE-2022-3765
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3766)
CVE-2022-3766
CWE-707
Medium
Liferay Portal Missing Authorization Vulnerability (CVE-2022-39975)
CVE-2022-39975
CWE-862
Medium
Moodle Other Vulnerability (CVE-2022-40208)
CVE-2022-40208
-
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-40316)
CVE-2022-40316
CWE-668
Medium
PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)
CVE-2021-3677
-
Medium
Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-3642)
CVE-2021-3642
-
Medium
Apache Traffic Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40743)
CVE-2022-40743
CWE-707
Medium
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
CVE-2021-3597
CWE-362
Medium
Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
CVE-2021-3597
CWE-362
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539)
CVE-2021-3539
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3536)
CVE-2021-3536
CWE-707
Medium
SharePoint CVE-2022-41060 Vulnerability (CVE-2022-41060)
CVE-2022-41060
-
Medium
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2021-3449)
CVE-2021-3449
CWE-476
Medium
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-3426)
CVE-2021-3426
CWE-200
Medium
PostgreSQL Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-3393)
CVE-2021-3393
CWE-209
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3000)
CVE-2022-3000
CWE-707
Medium
SharePoint CVE-2021-40486 Vulnerability (CVE-2021-40486)
CVE-2021-40486
-
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40888)
CVE-2021-40888
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41174)
CVE-2021-41174
CWE-707
Medium
Grafana CVE-2022-39307 Vulnerability (CVE-2022-39307)
CVE-2022-39307
-
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114)
CVE-2021-41114
CWE-644
Medium
Twisted Web HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39348)
CVE-2022-39348
CWE-707
Medium
MySQL CVE-2022-39400 Vulnerability (CVE-2022-39400)
CVE-2022-39400
-
Medium
Liferay DXP Missing Authorization Vulnerability (CVE-2022-39975)
CVE-2022-39975
CWE-862
Medium
ProjectSend Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-40886)
CVE-2021-40886
CWE-22
Medium
MySQL CVE-2022-39402 Vulnerability (CVE-2022-39402)
CVE-2022-39402
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40882)
CVE-2021-40882
CWE-707
Medium
Moodle CVE-2021-40695 Vulnerability (CVE-2021-40695)
CVE-2021-40695
-
Medium
Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694)
CVE-2021-40694
CWE-116
Medium
Moodle Improper Authentication Vulnerability (CVE-2021-40693)
CVE-2021-40693
CWE-287
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2021-40692)
CVE-2021-40692
CWE-863
Medium
Moodle CVE-2021-40691 Vulnerability (CVE-2021-40691)
CVE-2021-40691
-
Medium
MySQL CVE-2022-39404 Vulnerability (CVE-2022-39404)
CVE-2022-39404
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40678)
CVE-2021-40678
CWE-707
Medium
MySQL CVE-2022-39408 Vulnerability (CVE-2022-39408)
CVE-2022-39408
-
Medium
MySQL CVE-2022-39410 Vulnerability (CVE-2022-39410)
CVE-2022-39410
-
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40492)
CVE-2021-40492
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107)
CVE-2022-36107
CWE-707
Medium
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
CVE-2022-36105
CWE-203
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-20612)
CVE-2022-20612
CWE-352
Medium
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111)
CVE-2021-4111
CWE-20
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)
CVE-2022-31047
CWE-532
Medium
Dolibarr Improper Input Validation Vulnerability (CVE-2022-0174)
CVE-2022-0174
CWE-20
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31048)
CVE-2022-31048
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31049)
CVE-2022-31049
CWE-707
Medium
Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4231)
CVE-2021-4231
CWE-707
Medium
Python Unchecked Return Value Vulnerability (CVE-2021-4189)
CVE-2021-4189
CWE-252
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31097)
CVE-2022-31097
CWE-707
Medium
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-4183)
CVE-2021-4183
CWE-125
Medium
OpenSSL CVE-2021-4160 Vulnerability (CVE-2021-4160)
CVE-2021-4160
-
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121)
CVE-2021-4121
CWE-707
Medium
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117)
CVE-2021-4117
CWE-20
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4116)
CVE-2021-4116
CWE-707
Medium