Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Missing Update

This page lists 22224 vulnerabilities in this category.

Critical: 1394 High: 12186 Medium: 7891 Low: 749 Information: 4
Vulnerability Name
CVE
CWE
Severity
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145)
CVE-2024-25145
CWE-707
Medium
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1935)
CVE-2020-1935
CWE-444
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145)
CVE-2024-25145
CWE-707
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-25146)
CVE-2024-25146
CWE-203
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-25146)
CVE-2024-25146
CWE-203
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25147)
CVE-2024-25147
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25147)
CVE-2024-25147
CWE-707
Medium
Apache HTTP Server Use of Uninitialized Resource Vulnerability (CVE-2020-1934)
CVE-2020-1934
CWE-908
Medium
Apache HTTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1927)
CVE-2020-1927
CWE-601
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-1755)
CVE-2020-1755
CWE-345
Medium
Liferay Portal Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)
CVE-2024-26143
CWE-707
Medium
Ruby on Rails CVE-2024-26144 Vulnerability (CVE-2024-26144)
CVE-2024-26144
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46150)
CVE-2021-46150
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)
CVE-2021-46148
CWE-200
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-26129)
CVE-2024-26129
CWE-22
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Jboss EAP Other Vulnerability (CVE-2020-1710)
CVE-2020-1710
-
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-25983)
CVE-2024-25983
CWE-639
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-28169)
CVE-2021-28169
CWE-200
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
WebLogic Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2021-28170)
CVE-2021-28170
CWE-138
Medium
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)
CVE-2021-46784
CWE-400
Medium
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
PostgreSQL Missing Authorization Vulnerability (CVE-2020-1720)
CVE-2020-1720
CWE-862
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-1754)
CVE-2020-1754
CWE-732
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1732)
CVE-2020-1732
CWE-20
Medium
Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)
CVE-2024-25979
-
Medium
Moodle CVE-2024-25980 Vulnerability (CVE-2024-25980)
CVE-2024-25980
-
Medium
Moodle CVE-2024-25981 Vulnerability (CVE-2024-25981)
CVE-2024-25981
-
Medium
MySQL CVE-2024-21160 Vulnerability (CVE-2024-21160)
CVE-2024-21160
-
Medium
MySQL CVE-2024-21157 Vulnerability (CVE-2024-21157)
CVE-2024-21157
-
Medium
SharePoint CVE-2020-1205 Vulnerability (CVE-2020-1205)
CVE-2020-1205
-
Medium
MediaWiki Other Vulnerability (CVE-2020-27621)
CVE-2020-27621
-
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-48219)
CVE-2023-48219
CWE-707
Medium
Oracle JRE CVE-2022-21282 Vulnerability (CVE-2022-21282)
CVE-2022-21282
-
Medium
Liferay Portal Session Fixation Vulnerability (CVE-2023-47798)
CVE-2023-47798
CWE-384
Medium
Liferay DXP Session Fixation Vulnerability (CVE-2023-47798)
CVE-2023-47798
CWE-384
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47797)
CVE-2023-47797
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47795)
CVE-2023-47795
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47795)
CVE-2023-47795
CWE-707
Medium
Jetty CVE-2020-27218 Vulnerability (CVE-2020-27218)
CVE-2020-27218
-
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-47283)
CVE-2023-47283
CWE-22
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47272)
CVE-2023-47272
CWE-707
Medium
TYPO3 Improper Authentication Vulnerability (CVE-2023-47127)
CVE-2023-47127
CWE-287
Medium
TYPO3 CVE-2023-47126 Vulnerability (CVE-2023-47126)
CVE-2023-47126
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47125)
CVE-2023-47125
CWE-707
Medium
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27388)
CVE-2020-27388
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46967)
CVE-2023-46967
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27193)
CVE-2020-27193
CWE-707
Medium
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)
CVE-2020-28168
CWE-918
Medium
Werkzeug WSGI URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-28724)
CVE-2020-28724
CWE-601
Medium
Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46137)
CVE-2023-46137
-
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28644)
CVE-2020-28644
CWE-352
Medium