Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
Magento CVE-2019-8136 Vulnerability (CVE-2019-8136)
CVE-2019-8136
-
Critical
Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8135)
CVE-2019-8135
CWE-138
Critical
XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161)
CVE-2022-29161
CWE-326
Critical
Oracle Database Server CVE-2009-1992 Vulnerability (CVE-2009-1992)
CVE-2009-1992
-
Critical
Oracle Database Server CVE-2009-1985 Vulnerability (CVE-2009-1985)
CVE-2009-1985
-
Critical
Oracle Database Server CVE-2009-1979 Vulnerability (CVE-2009-1979)
CVE-2009-1979
-
Critical
Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)
CVE-2022-29226
CWE-306
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2015-0235)
CVE-2015-0235
CWE-787
Critical
Werkzeug WSGI Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-29361)
CVE-2022-29361
-
Critical
Magento CVE-2019-8121 Vulnerability (CVE-2019-8121)
CVE-2019-8121
-
Critical
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-0244)
CVE-2015-0244
CWE-138
Critical
MediaWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-29904)
CVE-2022-29904
CWE-138
Critical
OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-2068)
CVE-2022-2068
CWE-138
Critical
phpMyAdmin Cryptographic Issues Vulnerability (CVE-2008-7252)
CVE-2008-7252
-
Critical
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-2274)
CVE-2022-2274
CWE-787
Critical
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1151)
CVE-2009-1151
CWE-94
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-30599)
CVE-2022-30599
CWE-138
Critical
Moodle Incorrect Calculation Vulnerability (CVE-2022-30600)
CVE-2022-30600
CWE-682
Critical
Oracle Database Server CVE-2009-1020 Vulnerability (CVE-2009-1020)
CVE-2009-1020
-
Critical
Oracle Database Server CVE-2015-0457 Vulnerability (CVE-2015-0457)
CVE-2015-0457
-
Critical
b2evolution Use of Insufficiently Random Values Vulnerability (CVE-2022-30935)
CVE-2022-30935
CWE-330
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-31181)
CVE-2022-31181
CWE-138
Critical
Beego Framework CVE-2022-31259 Vulnerability (CVE-2022-31259)
CVE-2022-31259
-
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2022-31627)
CVE-2022-31627
CWE-787
Critical
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-31631)
CVE-2022-31631
CWE-138
Critical
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2022-31813)
CVE-2022-31813
CWE-345
Critical
Beego Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-31836)
CVE-2022-31836
CWE-22
Critical
TYPO3 Improper Input Validation Vulnerability (CVE-2009-0258)
CVE-2009-0258
CWE-20
Critical
Oracle HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425)
CVE-2010-0425
-
Critical
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-21686)
CVE-2022-21686
CWE-94
Critical
OpenSSL Resource Management Errors Vulnerability (CVE-2011-4109)
CVE-2011-4109
-
Critical
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153)
CVE-2020-15153
CWE-138
Critical
PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-1939)
CVE-2011-1939
CWE-138
Critical
Oracle JRE CVE-2014-0429 Vulnerability (CVE-2014-0429)
CVE-2014-0429
-
Critical
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3711)
CVE-2021-3711
CWE-120
Critical
Oracle JRE CVE-2014-0432 Vulnerability (CVE-2014-0432)
CVE-2014-0432
-
Critical
Pega Infinity Improper Privilege Management Vulnerability (CVE-2020-15390)
CVE-2020-15390
CWE-269
Critical
Moodle Improper Input Validation Vulnerability (CVE-2021-3943)
CVE-2021-3943
CWE-20
Critical
Oracle JRE CVE-2014-0455 Vulnerability (CVE-2014-0455)
CVE-2014-0455
-
Critical
Oracle JRE CVE-2014-0456 Vulnerability (CVE-2014-0456)
CVE-2014-0456
-
Critical
Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)
CVE-2014-0457
-
Critical
Oracle HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
CVE-2021-40438
CWE-918
Critical
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
CVE-2021-40438
CWE-918
Critical
Oracle JRE CVE-2014-0461 Vulnerability (CVE-2014-0461)
CVE-2014-0461
-
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15160)
CVE-2020-15160
CWE-138
Critical
Django Resource Management Errors Vulnerability (CVE-2014-0474)
CVE-2014-0474
-
Critical
SharePoint Improper Input Validation Vulnerability (CVE-2011-1989)
CVE-2011-1989
CWE-20
Critical
ProjectSend Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-40887)
CVE-2021-40887
CWE-22
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-1151)
CVE-2011-1151
CWE-138
Critical
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2011-1134)
CVE-2011-1134
CWE-434
Critical
Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)
CVE-2014-1860
CWE-502
Critical
WebLogic CVE-2020-14882 Vulnerability (CVE-2020-14882)
CVE-2020-14882
-
Critical
ownCloud Improper Access Control Vulnerability (CVE-2014-2048)
CVE-2014-2048
CWE-284
Critical
Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2021-41244)
CVE-2021-41244
CWE-610
Critical
ownCloud Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-2052)
CVE-2014-2052
CWE-611
Critical
WebLogic CVE-2020-14859 Vulnerability (CVE-2020-14859)
CVE-2020-14859
-
Critical
WebLogic CVE-2020-14841 Vulnerability (CVE-2020-14841)
CVE-2020-14841
-
Critical
GlassFish CVE-2011-0807 Vulnerability (CVE-2011-0807)
CVE-2011-0807
-
Critical
WebLogic CVE-2020-14825 Vulnerability (CVE-2020-14825)
CVE-2020-14825
-
Critical
Apache HTTP Server Other Vulnerability (CVE-2021-42013)
CVE-2021-42013
-
Critical
Zikula Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2293)
CVE-2014-2293
CWE-94
Critical
Python Incorrect Authorization Vulnerability (CVE-2020-15801)
CVE-2020-15801
CWE-863
Critical
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0260)
CVE-2014-0260
CWE-119
Critical
Oracle JRE CVE-2014-2397 Vulnerability (CVE-2014-2397)
CVE-2014-2397
-
Critical
Oracle JRE CVE-2011-3544 Vulnerability (CVE-2011-3544)
CVE-2011-3544
-
Critical
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)
CVE-2020-1745
CWE-200
Critical
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4030)
CVE-2011-4030
CWE-264
Critical
ownCloud Improper Privilege Management Vulnerability (CVE-2021-35946)
CVE-2021-35946
CWE-269
Critical
MediaWiki Other Vulnerability (CVE-2021-36126)
CVE-2021-36126
-
Critical
MediaWiki Improper Authentication Vulnerability (CVE-2021-36128)
CVE-2021-36128
CWE-287
Critical
FluxBB CVE-2011-3621 Vulnerability (CVE-2011-3621)
CVE-2011-3621
-
Critical
Vanilla Forums Other Vulnerability (CVE-2011-3614)
CVE-2011-3614
-
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36392)
CVE-2021-36392
CWE-138
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36393)
CVE-2021-36393
CWE-138
Critical
Moodle CVE-2021-36394 Vulnerability (CVE-2021-36394)
CVE-2021-36394
-
Critical