Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4107)
CVE-2021-4107
CWE-707
Medium
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31043)
CVE-2022-31043
CWE-212
Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160)
CVE-2022-31160
CWE-707
Medium
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092)
CVE-2021-4092
CWE-352
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072)
CVE-2021-4072
CWE-707
Medium
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)
CVE-2021-46784
CWE-400
Medium
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46150)
CVE-2021-46150
CWE-707
Medium
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160)
CVE-2022-31160
CWE-707
Medium
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160)
CVE-2022-31160
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)
CVE-2021-46148
CWE-200
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46146)
CVE-2021-46146
CWE-707
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-31167)
CVE-2022-31167
CWE-862
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46144)
CVE-2021-46144
CWE-707
Medium
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-45811)
CVE-2021-45811
CWE-138
Medium
TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046)
CVE-2022-31046
CWE-319
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-0334)
CVE-2022-0334
CWE-668
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
CVE-2021-45721
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1208)
CVE-2022-1208
CWE-707
Medium
Bootstrap Table Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1726)
CVE-2022-1726
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2829)
CVE-2022-2829
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2885)
CVE-2022-2885
CWE-707
Medium
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-1434)
CVE-2022-1434
CWE-327
Medium
YetiForce CRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-1411)
CVE-2022-1411
CWE-434
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2022-1343)
CVE-2022-1343
CWE-295
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1340)
CVE-2022-1340
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2890)
CVE-2022-2890
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2924)
CVE-2022-2924
CWE-707
Medium
SharePoint CVE-2022-30157 Vulnerability (CVE-2022-30157)
CVE-2022-30157
-
Medium
SharePoint CVE-2022-30158 Vulnerability (CVE-2022-30158)
CVE-2022-30158
-
Medium
WordPress Ultimate Member Plugin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-1209)
CVE-2022-1209
CWE-601
Medium
Moodle Improper Authentication Vulnerability (CVE-2022-0985)
CVE-2022-0985
CWE-287
Medium
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)
CVE-2022-31042
CWE-212
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2022-0984)
CVE-2022-0984
CWE-863
Medium
SharePoint CVE-2022-30159 Vulnerability (CVE-2022-30159)
CVE-2022-30159
-
Medium
SharePoint CVE-2022-30171 Vulnerability (CVE-2022-30171)
CVE-2022-30171
-
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)
CVE-2022-0866
CWE-863
Medium
SharePoint CVE-2022-30172 Vulnerability (CVE-2022-30172)
CVE-2022-30172
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-30596)
CVE-2022-30596
CWE-707
Medium
reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-0776)
CVE-2022-0776
CWE-707
Medium
Dolibarr Other Vulnerability (CVE-2022-0746)
CVE-2022-0746
-
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2022-0731)
CVE-2022-0731
CWE-863
Medium
Moodle Other Vulnerability (CVE-2022-30597)
CVE-2022-30597
-
Medium
Moodle CVE-2022-30598 Vulnerability (CVE-2022-30598)
CVE-2022-30598
-
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-30875)
CVE-2022-30875
CWE-707
Medium
Dolibarr Other Vulnerability (CVE-2022-0414)
CVE-2022-0414
-
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
CVE-2021-45730
CWE-863
Medium
Nginx Use After Free Vulnerability (CVE-2022-31307)
CVE-2022-31307
CWE-416
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36097)
CVE-2022-36097
CWE-707
Medium
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)
CVE-2021-43767
CWE-295
Medium
SharePoint CVE-2021-43876 Vulnerability (CVE-2021-43876)
CVE-2021-43876
-
Medium
Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-43859)
CVE-2021-43859
CWE-400
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34257)
CVE-2022-34257
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34258)
CVE-2022-34258
CWE-707
Medium
Magento CVE-2022-34259 Vulnerability (CVE-2022-34259)
CVE-2022-34259
-
Medium
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43815)
CVE-2021-43815
CWE-22
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34305)
CVE-2022-34305
CWE-707
Medium
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813)
CVE-2021-43813
CWE-22
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34911)
CVE-2022-34911
CWE-707
Medium
MediaWiki CVE-2022-34912 Vulnerability (CVE-2022-34912)
CVE-2022-34912
-
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35212)
CVE-2022-35212
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35651)
CVE-2022-35651
CWE-707
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-35652)
CVE-2022-35652
CWE-601
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43945)
CVE-2021-43945
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43687)
CVE-2021-43687
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35653)
CVE-2022-35653
CWE-707
Medium
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43677)
CVE-2021-43677
CWE-707
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-43560)
CVE-2021-43560
CWE-668
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35740)
CVE-2022-35740
CWE-707
Medium
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2022-35957)
CVE-2022-35957
CWE-290
Medium
Next.js Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-36046)
CVE-2022-36046
CWE-754
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43558)
CVE-2021-43558
CWE-707
Medium
Mailman Insufficiently Protected Credentials Vulnerability (CVE-2021-43332)
CVE-2021-43332
CWE-522
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43331)
CVE-2021-43331
CWE-707
Medium
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-43293)
CVE-2021-43293
CWE-918
Medium
«
1
...
92
93
94
...
181
»
