Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29049)
CVE-2021-29049
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-29052)
CVE-2021-29052
CWE-276
Medium
Highcharts JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29489)
CVE-2021-29489
CWE-707
Medium
PHP CVE-2007-5898 Vulnerability (CVE-2007-5898)
CVE-2007-5898
-
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29159)
CVE-2021-29159
CWE-707
Medium
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29425)
CVE-2021-29425
CWE-22
Medium
WordPress Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-29447)
CVE-2021-29447
CWE-611
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-29450)
CVE-2021-29450
CWE-200
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29459)
CVE-2021-29459
CWE-707
Medium
WebLogic CVE-2021-2294 Vulnerability (CVE-2021-2294)
CVE-2021-2294
-
Medium
MySQL CVE-2021-2299 Vulnerability (CVE-2021-2299)
CVE-2021-2299
-
Medium
Grafana Other Vulnerability (CVE-2021-28147)
CVE-2021-28147
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32668)
CVE-2021-32668
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32809)
CVE-2021-32809
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808)
CVE-2021-32808
CWE-707
Medium
Python Integer Overflow or Wraparound Vulnerability (CVE-2007-4965)
CVE-2007-4965
CWE-190
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5000)
CVE-2007-5000
CWE-707
Medium
Oracle HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5000)
CVE-2007-5000
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5105)
CVE-2007-5105
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32768)
CVE-2021-32768
CWE-707
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767)
CVE-2021-32767
CWE-532
Medium
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732)
CVE-2021-32732
CWE-352
Medium
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32731)
CVE-2021-32731
CWE-200
Medium
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32730)
CVE-2021-32730
CWE-352
Medium
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729)
CVE-2021-32729
CWE-732
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5106)
CVE-2007-5106
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669)
CVE-2021-32669
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32667)
CVE-2021-32667
CWE-707
Medium
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-33037)
CVE-2021-33037
CWE-444
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644)
CVE-2021-32644
CWE-707
Medium
PHP Improper Input Validation Vulnerability (CVE-2007-5128)
CVE-2007-5128
CWE-20
Medium
OpenSSL Numeric Errors Vulnerability (CVE-2007-5135)
CVE-2007-5135
-
Medium
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-32621)
CVE-2021-32621
CWE-94
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2021-32620)
CVE-2021-32620
CWE-863
Medium
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5148)
CVE-2007-5148
CWE-94
Medium
Ruby Improper Authentication Vulnerability (CVE-2007-5162)
CVE-2007-5162
CWE-287
Medium
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5173)
CVE-2007-5173
CWE-94
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5333)
CVE-2007-5333
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32478)
CVE-2021-32478
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32477)
CVE-2021-32477
CWE-200
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5342)
CVE-2007-5342
CWE-264
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32475)
CVE-2021-32475
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5386)
CVE-2007-5386
CWE-707
Medium
Chamilo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32925)
CVE-2021-32925
CWE-200
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4893)
CVE-2007-4893
CWE-352
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32472)
CVE-2021-32472
CWE-200
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-4850)
CVE-2007-4850
CWE-264
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33618)
CVE-2021-33618
CWE-707
Medium
PHP Improper Input Validation Vulnerability (CVE-2007-4784)
CVE-2007-4784
CWE-20
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513)
CVE-2021-33513
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33512)
CVE-2021-33512
CWE-707
Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)
CVE-2021-33510
CWE-918
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4828)
CVE-2007-4828
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508)
CVE-2021-33508
CWE-707
Medium
Zope Web Application Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) (CVE-2021-33507)
CVE-2021-33507
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33507)
CVE-2021-33507
CWE-707
Medium
CubeCart Session Fixation Vulnerability (CVE-2021-33394)
CVE-2021-33394
CWE-384
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33339)
CVE-2021-33339
CWE-707
Medium
PHP Improper Input Validation Vulnerability (CVE-2007-4840)
CVE-2007-4840
CWE-20
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33337)
CVE-2021-33337
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33336)
CVE-2021-33336
CWE-707
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-33334)
CVE-2021-33334
CWE-276
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-33320)
CVE-2021-33320
CWE-770
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33334)
CVE-2021-33334
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33333)
CVE-2021-33333
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33332)
CVE-2021-33332
CWE-707
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-33331)
CVE-2021-33331
CWE-601
Medium
Liferay DXP CVE-2021-33330 Vulnerability (CVE-2021-33330)
CVE-2021-33330
-
Medium
Liferay Portal CVE-2021-33330 Vulnerability (CVE-2021-33330)
CVE-2021-33330
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33328)
CVE-2021-33328
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33327)
CVE-2021-33327
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33326)
CVE-2021-33326
CWE-707
Medium
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33325)
CVE-2021-33325
CWE-312
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33324)
CVE-2021-33324
CWE-276
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4883)
CVE-2007-4883
CWE-707
Medium