Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Werkzeug WSGI URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-28724)
CVE-2020-28724
CWE-601
Medium
WordPress CVE-2023-39999 Vulnerability (CVE-2023-39999)
CVE-2023-39999
-
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3042)
CVE-2023-3042
CWE-707
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28644)
CVE-2020-28644
CWE-352
Medium
Lodash Other Vulnerability (CVE-2020-28500)
CVE-2020-28500
-
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3982)
CVE-2023-3982
CWE-707
Medium
PHP Use of Insufficiently Random Values Vulnerability (CVE-2023-3247)
CVE-2023-3247
CWE-330
Medium
Liferay Portal Missing Authorization Vulnerability (CVE-2023-3426)
CVE-2023-3426
CWE-862
Medium
OpenSSL Inefficient Regular Expression Complexity Vulnerability (CVE-2023-3446)
CVE-2023-3446
CWE-1333
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3469)
CVE-2023-3469
CWE-707
Medium
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)
CVE-2020-28168
CWE-918
Medium
Jboss EAP Other Vulnerability (CVE-2023-3628)
CVE-2023-3628
-
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28040)
CVE-2020-28040
CWE-352
Medium
Jboss EAP Other Vulnerability (CVE-2023-3629)
CVE-2023-3629
-
Medium
OpenSSL Excessive Iteration Vulnerability (CVE-2023-3817)
CVE-2023-3817
CWE-834
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28038)
CVE-2020-28038
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3980)
CVE-2023-3980
CWE-707
Medium
Omeka Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-3981)
CVE-2023-3981
CWE-918
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28034)
CVE-2020-28034
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26870)
CVE-2020-26870
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26227)
CVE-2020-26227
CWE-707
Medium
XWiki Transmission of Private Resources into a New Sphere ('Resource Leak') Vulnerability (CVE-2023-38509)
CVE-2023-38509
CWE-402
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25631)
CVE-2020-25631
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43710)
CVE-2023-43710
CWE-707
Medium
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25700)
CVE-2020-25700
CWE-138
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43711)
CVE-2023-43711
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43712)
CVE-2023-43712
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43713)
CVE-2023-43713
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43714)
CVE-2023-43714
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43715)
CVE-2023-43715
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43716)
CVE-2023-43716
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43717)
CVE-2023-43717
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43718)
CVE-2023-43718
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43719)
CVE-2023-43719
CWE-707
Medium
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25689)
CVE-2020-25689
CWE-400
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43720)
CVE-2023-43720
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25702)
CVE-2020-25702
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43721)
CVE-2023-43721
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25628)
CVE-2020-25628
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25627)
CVE-2020-25627
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25476)
CVE-2020-25476
CWE-707
Medium
WordPress CVE-2020-25286 Vulnerability (CVE-2020-25286)
CVE-2020-25286
-
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43722)
CVE-2023-43722
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43723)
CVE-2023-43723
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43724)
CVE-2023-43724
CWE-707
Medium
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-24977)
CVE-2020-24977
CWE-125
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24917)
CVE-2020-24917
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43725)
CVE-2023-43725
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24599)
CVE-2020-24599
CWE-707
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24598)
CVE-2020-24598
CWE-601
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2020-25701)
CVE-2020-25701
CWE-863
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-25703)
CVE-2020-25703
CWE-200
Medium
Artifactory Improper Authentication Vulnerability (CVE-2023-42662)
CVE-2023-42662
CWE-287
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43704)
CVE-2023-43704
CWE-707
Medium
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42794)
CVE-2023-42794
CWE-459
Medium
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42795)
CVE-2023-42795
CWE-459
Medium
Jenkins CVE-2023-43494 Vulnerability (CVE-2023-43494)
CVE-2023-43494
-
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43495)
CVE-2023-43495
CWE-707
Medium
qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26166)
CVE-2020-26166
CWE-707
Medium
silverstripeCMS Improper Input Validation Vulnerability (CVE-2020-26138)
CVE-2020-26138
CWE-20
Medium
silverstripeCMS Improper Authentication Vulnerability (CVE-2020-26136)
CVE-2020-26136
CWE-287
Medium
PrestaShop Improper Privilege Management Vulnerability (CVE-2023-43663)
CVE-2023-43663
CWE-269
Medium
PrestaShop Improper Privilege Management Vulnerability (CVE-2023-43664)
CVE-2023-43664
CWE-269
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43702)
CVE-2023-43702
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43703)
CVE-2023-43703
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26120)
CVE-2020-26120
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43705)
CVE-2023-43705
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43709)
CVE-2023-43709
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43706)
CVE-2023-43706
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43707)
CVE-2023-43707
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25828)
CVE-2020-25828
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43708)
CVE-2023-43708
CWE-707
Medium
silverstripeCMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25817)
CVE-2020-25817
CWE-611
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25815)
CVE-2020-25815
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25814)
CVE-2020-25814
CWE-707
Medium