Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-32071)
CVE-2023-32071
CWE-707
Critical
Pega Infinity Improper Authentication Vulnerability (CVE-2023-32090)
CVE-2023-32090
CWE-287
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)
CVE-2019-16335
CWE-502
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)
CVE-2019-16335
CWE-502
Critical
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10752)
CVE-2016-10752
CWE-434
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33361)
CVE-2023-33361
CWE-138
Critical
LimeSurvey Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-16184)
CVE-2019-16184
CWE-1236
Critical
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
CVE-2016-10036
CWE-434
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934)
CVE-2023-33934
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1283)
CVE-2016-1283
CWE-119
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1903)
CVE-2016-1903
CWE-119
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5366)
CVE-2006-5366
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5365)
CVE-2006-5365
-
Critical
ATutor Incorrect Authorization Vulnerability (CVE-2019-16114)
CVE-2019-16114
CWE-863
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5362)
CVE-2006-5362
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5361)
CVE-2006-5361
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5360)
CVE-2006-5360
-
Critical
Oracle Application Server CVE-2006-5359 Vulnerability (CVE-2006-5359)
CVE-2006-5359
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5358)
CVE-2006-5358
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5357)
CVE-2006-5357
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5356)
CVE-2006-5356
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5355)
CVE-2006-5355
-
Critical
phpMyAdmin Other Vulnerability (CVE-2007-0203)
CVE-2007-0203
-
Critical
WordPress Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2016-10033)
CVE-2016-10033
CWE-707
Critical
PHP Numeric Errors Vulnerability (CVE-2007-1383)
CVE-2007-1383
-
Critical
Nginx Other Vulnerability (CVE-2016-0746)
CVE-2016-0746
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29207)
CVE-2023-29207
CWE-707
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17571)
CVE-2019-17571
CWE-502
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17565)
CVE-2019-17565
CWE-444
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17559)
CVE-2019-17559
CWE-444
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
CVE-2019-17531
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
CVE-2019-17531
CWE-502
Critical
SharePoint CVE-2023-29357 Vulnerability (CVE-2023-29357)
CVE-2023-29357
-
Critical
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
CVE-2019-17444
CWE-521
Critical
PHP CVE-2007-0910 Vulnerability (CVE-2007-0910)
CVE-2007-0910
-
Critical
OpenSSL Other Vulnerability (CVE-2016-0705)
CVE-2016-0705
-
Critical
MySQL Other Vulnerability (CVE-2016-0705)
CVE-2016-0705
-
Critical
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-0718)
CVE-2016-0718
CWE-119
Critical
phpMyFAQ Improper Access Control Vulnerability (CVE-2023-2429)
CVE-2023-2429
CWE-284
Critical
PHP Other Vulnerability (CVE-2007-0448)
CVE-2007-0448
-
Critical
Joomla Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2016-10033)
CVE-2016-10033
CWE-707
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)
CVE-2019-17267
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)
CVE-2019-17267
CWE-502
Critical
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0788)
CVE-2016-0788
CWE-264
Critical
WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-17195)
CVE-2019-17195
CWE-754
Critical
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0791)
CVE-2016-0791
CWE-200
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)
CVE-2019-16943
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)
CVE-2019-16943
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
CVE-2019-16942
CWE-502
Critical
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-0799)
CVE-2016-0799
CWE-119
Critical
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
CVE-2019-16942
CWE-502
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
CVE-2019-16942
CWE-502
Critical
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-30838)
CVE-2023-30838
CWE-707
Critical
Django Improper Input Validation Vulnerability (CVE-2023-31047)
CVE-2023-31047
CWE-20
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31126)
CVE-2023-31126
CWE-707
Critical
ZenCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-8352)
CVE-2015-8352
CWE-22
Critical
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2015-8103)
CVE-2015-8103
CWE-502
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5354)
CVE-2006-5354
-
Critical
Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2008-1887)
CVE-2008-1887
CWE-120
Critical
ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-4716)
CVE-2015-4716
CWE-22
Critical
Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)
CVE-2022-43138
CWE-269
Critical
ownCloud Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4718)
CVE-2015-4718
CWE-138
Critical
LimeSurvey CVE-2008-2570 Vulnerability (CVE-2008-2570)
CVE-2008-2570
-
Critical
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
CVE-2008-2392
CWE-20
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43168)
CVE-2022-43168
CWE-138
Critical
PHP Insufficient Entropy Vulnerability (CVE-2008-2108)
CVE-2008-2108
CWE-331
Critical
PHP CVE-2008-2051 Vulnerability (CVE-2008-2051)
CVE-2008-2051
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-2050)
CVE-2008-2050
CWE-119
Critical
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
CVE-2008-1989
CWE-94
Critical
Oracle Database Server CVE-2015-4794 Vulnerability (CVE-2015-4794)
CVE-2015-4794
-
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-44945)
CVE-2022-44945
CWE-138
Critical
Oracle Database Server CVE-2015-4796 Vulnerability (CVE-2015-4796)
CVE-2015-4796
-
Critical
Oracle Application Server CVE-2008-1824 Vulnerability (CVE-2008-1824)
CVE-2008-1824
-
Critical
PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4642)
CVE-2015-4642
CWE-138
Critical
Oracle Database Server CVE-2008-1821 Vulnerability (CVE-2008-1821)
CVE-2008-1821
-
Critical