Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Magento Improper Authorization Vulnerability (CVE-2021-21022)
CVE-2021-21022
CWE-285
Medium
Magento Improper Access Control Vulnerability (CVE-2021-21020)
CVE-2021-21020
CWE-284
Medium
Perl Resource Management Errors Vulnerability (CVE-2008-1927)
CVE-2008-1927
-
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1947)
CVE-2008-1947
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20520)
CVE-2021-20520
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20519)
CVE-2021-20519
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20518)
CVE-2021-20518
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20507)
CVE-2021-20507
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20506)
CVE-2021-20506
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20504)
CVE-2021-20504
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20503)
CVE-2021-20503
CWE-707
Medium
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)
CVE-2008-2020
CWE-264
Medium
IBM WebSEAL Improper Input Validation Vulnerability (CVE-2021-20496)
CVE-2021-20496
CWE-20
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20447)
CVE-2021-20447
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20357)
CVE-2021-20357
CWE-707
Medium
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1918)
CVE-2008-1918
CWE-138
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20352)
CVE-2021-20352
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20351)
CVE-2021-20351
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20350)
CVE-2021-20350
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20340)
CVE-2021-20340
CWE-707
Medium
MongoDb Improper Encoding or Escaping of Output Vulnerability (CVE-2021-20333)
CVE-2021-20333
CWE-116
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2021-20330)
CVE-2021-20330
CWE-20
Medium
MongoDb Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-20326)
CVE-2021-20326
CWE-732
Medium
Jboss EAP Session Fixation Vulnerability (CVE-2021-20324)
CVE-2021-20324
CWE-384
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2021-20283)
CVE-2021-20283
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2021-20282)
CVE-2021-20282
CWE-863
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20281)
CVE-2021-20281
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20280)
CVE-2021-20280
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20279)
CVE-2021-20279
CWE-707
Medium
PostgreSQL Incorrect Authorization Vulnerability (CVE-2021-20229)
CVE-2021-20229
CWE-863
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21023)
CVE-2021-21023
CWE-707
Medium
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-1891)
CVE-2008-1891
CWE-22
Medium
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2045)
CVE-2008-2045
CWE-22
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21358)
CVE-2021-21358
CWE-707
Medium
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-21607)
CVE-2021-21607
CWE-770
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2021-21606)
CVE-2021-21606
CWE-20
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1385)
CVE-2008-1385
CWE-707
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1386)
CVE-2008-1386
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21603)
CVE-2021-21603
CWE-707
Medium
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21602)
CVE-2021-21602
CWE-59
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1502)
CVE-2008-1502
CWE-707
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21398)
CVE-2021-21398
CWE-707
Medium
Lighttpd Other Vulnerability (CVE-2008-1531)
CVE-2008-1531
-
Medium
XWiki Improper Preservation of Permissions Vulnerability (CVE-2021-21379)
CVE-2021-21379
CWE-281
Medium
CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1550)
CVE-2008-1550
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21370)
CVE-2021-21370
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365)
CVE-2021-21365
CWE-707
Medium
phpMyAdmin Cleartext Storage of Sensitive Information Vulnerability (CVE-2008-1567)
CVE-2008-1567
CWE-312
Medium
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2008-1672)
CVE-2008-1672
CWE-476
Medium
Magento Improper Authorization Vulnerability (CVE-2021-21026)
CVE-2021-21026
CWE-285
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2008-1678)
CVE-2008-1678
-
Medium
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-1679)
CVE-2008-1679
CWE-190
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21340)
CVE-2021-21340
CWE-707
Medium
Drupal CVE-2008-1729 Vulnerability (CVE-2008-1729)
CVE-2008-1729
-
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)
CVE-2021-21338
CWE-601
Medium
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)
CVE-2021-21336
CWE-200
Medium
Oracle Database Server CVE-2008-1813 Vulnerability (CVE-2008-1813)
CVE-2008-1813
-
Medium
Oracle Database Server CVE-2008-1816 Vulnerability (CVE-2008-1816)
CVE-2008-1816
-
Medium
CKEditor Uncontrolled Resource Consumption Vulnerability (CVE-2021-21254)
CVE-2021-21254
CWE-400
Medium
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032)
CVE-2021-21032
CWE-613
Medium
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031)
CVE-2021-21031
CWE-613
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1888)
CVE-2008-1888
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029)
CVE-2021-21029
CWE-707
Medium
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027)
CVE-2021-21027
CWE-352
Medium
Sqlite Use After Free Vulnerability (CVE-2021-20227)
CVE-2021-20227
CWE-416
Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220)
CVE-2021-20220
CWE-444
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21609)
CVE-2021-21609
CWE-863
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9281)
CVE-2020-9281
CWE-707
Medium
Oracle Application Server CVE-2008-2593 Vulnerability (CVE-2008-2593)
CVE-2008-2593
-
Medium
Oracle Database Server CVE-2008-2600 Vulnerability (CVE-2008-2600)
CVE-2008-2600
-
Medium
Oracle Database Server CVE-2008-2602 Vulnerability (CVE-2008-2602)
CVE-2008-2602
-
Medium
Oracle Database Server CVE-2008-2604 Vulnerability (CVE-2008-2604)
CVE-2008-2604
-
Medium
Oracle Database Server CVE-2008-2605 Vulnerability (CVE-2008-2605)
CVE-2008-2605
-
Medium
Oracle Database Server CVE-2008-2607 Vulnerability (CVE-2008-2607)
CVE-2008-2607
-
Medium
Oracle Database Server CVE-2008-2608 Vulnerability (CVE-2008-2608)
CVE-2008-2608
-
Medium