Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26034)
CVE-2021-26034
CWE-352
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26032)
CVE-2021-26032
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26083)
CVE-2021-26083
CWE-707
Medium
Joomla CVE-2021-26031 Vulnerability (CVE-2021-26031)
CVE-2021-26031
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26030)
CVE-2021-26030
CWE-707
Medium
Joomla Improper Input Validation Vulnerability (CVE-2021-26029)
CVE-2021-26029
CWE-20
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26028)
CVE-2021-26028
CWE-22
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)
CVE-2021-26027
CWE-863
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0191)
CVE-2008-0191
CWE-200
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
CVE-2021-25954
CWE-863
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0192)
CVE-2008-0192
CWE-707
Medium
Oracle HTTP Server CVE-2021-25219 Vulnerability (CVE-2021-25219)
CVE-2021-25219
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0193)
CVE-2008-0193
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24306)
CVE-2021-24306
CWE-707
Medium
WP Plugin Advanced Custom Fields Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24241)
CVE-2021-24241
CWE-707
Medium
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)
CVE-2021-24122
CWE-706
Medium
SharePoint CVE-2021-24104 Vulnerability (CVE-2021-24104)
CVE-2021-24104
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26082)
CVE-2021-26082
CWE-707
Medium
Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)
CVE-2021-26085
CWE-862
Medium
SharePoint CVE-2021-24071 Vulnerability (CVE-2021-24071)
CVE-2021-24071
-
Medium
WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-27568)
CVE-2021-27568
CWE-754
Medium
MySQL Other Vulnerability (CVE-2007-6304)
CVE-2007-6304
-
Medium
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)
CVE-2021-27969
CWE-707
Medium
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6318)
CVE-2007-6318
CWE-138
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27949)
CVE-2021-27949
CWE-707
Medium
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6381)
CVE-2007-6381
CWE-138
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6388)
CVE-2007-6388
CWE-707
Medium
Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6420)
CVE-2007-6420
CWE-352
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27902)
CVE-2021-27902
CWE-707
Medium
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6422)
CVE-2007-6422
-
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27889)
CVE-2021-27889
CWE-707
Medium
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-6514)
CVE-2007-6514
CWE-200
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6600)
CVE-2007-6600
CWE-264
Medium
Pega Infinity CVE-2021-27653 Vulnerability (CVE-2021-27653)
CVE-2021-27653
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6617)
CVE-2007-6617
CWE-707
Medium
Atlassian Jira Other Vulnerability (CVE-2007-6618)
CVE-2007-6618
-
Medium
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26086)
CVE-2021-26086
CWE-22
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27279)
CVE-2021-27279
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27131)
CVE-2021-27131
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6677)
CVE-2007-6677
CWE-707
Medium
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6750)
CVE-2007-6750
-
Medium
SharePoint CVE-2021-27076 Vulnerability (CVE-2021-27076)
CVE-2021-27076
-
Medium
SharePoint CVE-2021-27052 Vulnerability (CVE-2021-27052)
CVE-2021-27052
-
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26925)
CVE-2021-26925
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26799)
CVE-2021-26799
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26746)
CVE-2021-26746
CWE-707
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6752)
CVE-2007-6752
CWE-352
Medium
Apache Tomcat Other Vulnerability (CVE-2008-0002)
CVE-2008-0002
-
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0005)
CVE-2008-0005
CWE-707
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272)
CVE-2021-26272
CWE-829
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271)
CVE-2021-26271
CWE-829
Medium
SharePoint CVE-2021-24072 Vulnerability (CVE-2021-24072)
CVE-2021-24072
-
Medium
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2021-24066)
CVE-2021-24066
CWE-502
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21611)
CVE-2021-21611
CWE-707
Medium
OpenSSL Numeric Errors Vulnerability (CVE-2008-0891)
CVE-2008-0891
-
Medium
MySQL NULL Pointer Dereference Vulnerability (CVE-2021-22570)
CVE-2021-22570
CWE-476
Medium
Spring Cloud Gateway Incorrect Authorization Vulnerability (CVE-2021-22051)
CVE-2021-22051
CWE-863
Medium
XOOPS Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-0613)
CVE-2008-0613
CWE-59
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0615)
CVE-2008-0615
CWE-22
Medium
PHP Other Vulnerability (CVE-2021-21707)
CVE-2021-21707
-
Medium
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21706)
CVE-2021-21706
CWE-22
Medium
PHP Improper Input Validation Vulnerability (CVE-2021-21705)
CVE-2021-21705
CWE-20
Medium
PHP Out-of-bounds Write Vulnerability (CVE-2021-21704)
CVE-2021-21704
CWE-787
Medium
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0616)
CVE-2008-0616
CWE-138
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0617)
CVE-2008-0617
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0618)
CVE-2008-0618
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0664)
CVE-2008-0664
CWE-264
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0788)
CVE-2008-0788
CWE-352
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0828)
CVE-2008-0828
CWE-707
Medium
Lighttpd Resource Management Errors Vulnerability (CVE-2008-0983)
CVE-2008-0983
-
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22872)
CVE-2021-22872
CWE-707
Medium
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1111)
CVE-2008-1111
CWE-200
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1133)
CVE-2008-1133
CWE-707
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-1149)
CVE-2008-1149
CWE-352
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1232)
CVE-2008-1232
CWE-707
Medium