Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
SharePoint CVE-2021-43242 Vulnerability (CVE-2021-43242)
CVE-2021-43242
-
Medium
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-36095)
CVE-2022-36095
CWE-352
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43941)
CVE-2021-43941
CWE-352
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43946)
CVE-2021-43946
CWE-287
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45474)
CVE-2021-45474
CWE-707
Medium
MediaWiki Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-44856)
CVE-2021-44856
CWE-754
Medium
PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-31628)
CVE-2022-31628
CWE-835
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45473)
CVE-2021-45473
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45472)
CVE-2021-45472
CWE-707
Medium
MediaWiki CVE-2021-45471 Vulnerability (CVE-2021-45471)
CVE-2021-45471
-
Medium
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-45452)
CVE-2021-45452
CWE-22
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45357)
CVE-2021-45357
CWE-707
Medium
Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)
CVE-2021-45346
CWE-401
Medium
PHP CVE-2022-31629 Vulnerability (CVE-2022-31629)
CVE-2022-31629
-
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2021-45105)
CVE-2021-45105
CWE-20
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074)
CVE-2021-45074
CWE-863
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-45038)
CVE-2021-45038
CWE-200
Medium
MediaWiki Improper Privilege Management Vulnerability (CVE-2021-44857)
CVE-2021-44857
CWE-269
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44855)
CVE-2021-44855
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34171)
CVE-2022-34171
CWE-707
Medium
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-44854)
CVE-2021-44854
CWE-668
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2021-44832)
CVE-2021-44832
CWE-20
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-32074)
CVE-2022-32074
CWE-707
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)
CVE-2021-44528
CWE-601
Medium
Nginx Use After Free Vulnerability (CVE-2022-32414)
CVE-2022-32414
CWE-416
Medium
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44076)
CVE-2021-44076
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44025)
CVE-2021-44025
CWE-707
Medium
Nexus Repository Manager Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-43961)
CVE-2021-43961
CWE-138
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43953)
CVE-2021-43953
CWE-352
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43952)
CVE-2021-43952
CWE-352
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43950)
CVE-2021-43950
CWE-287
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34170)
CVE-2022-34170
CWE-707
Medium
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2021-43948)
CVE-2021-43948
CWE-863
Medium
Oracle Database Server CVE-2023-22073 Vulnerability (CVE-2023-22073)
CVE-2023-22073
-
Medium
Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583)
CVE-2021-28583
CWE-657
Medium
Oracle JRE Incorrect Default Permissions Vulnerability (CVE-2024-20921)
CVE-2024-20921
CWE-276
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42496)
CVE-2023-42496
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27957)
CVE-2020-27957
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40191)
CVE-2023-40191
CWE-707
Medium
Python CVE-2023-40217 Vulnerability (CVE-2023-40217)
CVE-2023-40217
-
Medium
XWiki Missing Authorization Vulnerability (CVE-2023-41046)
CVE-2023-41046
CWE-862
Medium
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)
CVE-2023-41080
CWE-601
Medium
Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41699)
CVE-2023-41699
CWE-601
Medium
MediaWiki Other Vulnerability (CVE-2020-27621)
CVE-2020-27621
-
Medium
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27388)
CVE-2020-27388
CWE-707
Medium
Jetty Weak Authentication Vulnerability (CVE-2023-41900)
CVE-2023-41900
-
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-42428)
CVE-2023-42428
CWE-22
Medium
Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42458)
CVE-2023-42458
CWE-707
Medium
Jetty CVE-2020-27218 Vulnerability (CVE-2020-27218)
CVE-2020-27218
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42496)
CVE-2023-42496
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40176)
CVE-2023-40176
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42497)
CVE-2023-42497
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42497)
CVE-2023-42497
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42498)
CVE-2023-42498
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42498)
CVE-2023-42498
CWE-707
Medium
Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508)
CVE-2023-42508
-
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27193)
CVE-2020-27193
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627)
CVE-2023-42627
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26934)
CVE-2020-26934
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627)
CVE-2023-42627
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628)
CVE-2023-42628
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628)
CVE-2023-42628
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629)
CVE-2023-42629
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40191)
CVE-2023-40191
CWE-707
Medium
Jetty CVE-2023-40167 Vulnerability (CVE-2023-40167)
CVE-2023-40167
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629)
CVE-2023-42629
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3193)
CVE-2023-3193
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29003)
CVE-2020-29003
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29002)
CVE-2020-29002
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-39151)
CVE-2023-39151
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28956)
CVE-2020-28956
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28955)
CVE-2020-28955
CWE-707
Medium
PostgreSQL CVE-2023-39418 Vulnerability (CVE-2023-39418)
CVE-2023-39418
-
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-39527)
CVE-2023-39527
CWE-707
Medium
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39582)
CVE-2023-39582
CWE-138
Medium