Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23168 vulnerabilities in this category.

Critical: 1485 High: 12484 Medium: 8421 Low: 774 Information: 4
Vulnerability Name
CVE
CWE
Severity
Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)
CVE-2019-14280
CWE-200
Medium
silverstripeCMS Files or Directories Accessible to External Parties Vulnerability (CVE-2019-14273)
CVE-2019-14273
CWE-552
Medium
Moodle Improper Control of Generation of Code (Code Injection) (CVE-2019-14827)
CVE-2019-14827
-
Medium
Moodle Improper Following of Specification by Caller Vulnerability (CVE-2019-14829)
CVE-2019-14829
CWE-573
Medium
Atlassian Jira Other Vulnerability (CVE-2019-14997)
CVE-2019-14997
-
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14885)
CVE-2019-14885
CWE-200
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14996)
CVE-2019-14996
CWE-707
Medium
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-14995)
CVE-2019-14995
CWE-276
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14974)
CVE-2019-14974
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14947)
CVE-2019-14947
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14946)
CVE-2019-14946
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14945)
CVE-2019-14945
CWE-707
Medium
Jboss EAP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14900)
CVE-2019-14900
CWE-138
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14884)
CVE-2019-14884
CWE-707
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14830)
CVE-2019-14830
CWE-601
Medium
Moodle Missing Authorization Vulnerability (CVE-2019-14883)
CVE-2019-14883
CWE-862
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14882)
CVE-2019-14882
CWE-601
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14881)
CVE-2019-14881
CWE-707
Medium
Moodle Improper Check for Dropped Privileges Vulnerability (CVE-2019-14879)
CVE-2019-14879
CWE-273
Medium
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863)
CVE-2019-14863
CWE-707
Medium
Knockout.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14862)
CVE-2019-14862
CWE-707
Medium
Jboss EAP Improper Privilege Management Vulnerability (CVE-2019-14838)
CVE-2019-14838
CWE-269
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14831)
CVE-2019-14831
CWE-601
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16688)
CVE-2019-16688
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16728)
CVE-2019-16728
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13643)
CVE-2019-13643
CWE-707
Medium
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-1551)
CVE-2019-1551
CWE-200
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20100)
CVE-2019-20100
CWE-352
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20099)
CVE-2019-20099
CWE-352
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20098)
CVE-2019-20098
CWE-352
Medium
WordPress Improper Privilege Management Vulnerability (CVE-2019-20043)
CVE-2019-20043
CWE-269
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20042)
CVE-2019-20042
CWE-707
Medium
OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2019-1559)
CVE-2019-1559
-
Medium
MySQL Observable Discrepancy Vulnerability (CVE-2019-1559)
CVE-2019-1559
CWE-203
Medium
OpenSSL Use of Insufficiently Random Values Vulnerability (CVE-2019-1549)
CVE-2019-1549
CWE-330
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102)
CVE-2019-20102
CWE-707
Medium
OpenSSL Missing Encryption of Sensitive Data Vulnerability (CVE-2019-1547)
CVE-2019-1547
CWE-311
Medium
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1443)
CVE-2019-1443
CWE-434
Medium
SharePoint Origin Validation Error Vulnerability (CVE-2019-1442)
CVE-2019-1442
CWE-346
Medium
SharePoint CVE-2019-1260 Vulnerability (CVE-2019-1260)
CVE-2019-1260
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1203)
CVE-2019-1203
CWE-707
Medium
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-1202)
CVE-2019-1202
CWE-200
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1134)
CVE-2019-1134
CWE-707
Medium
Atlassian Jira Other Vulnerability (CVE-2019-20101)
CVE-2019-20101
-
Medium
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-20106)
CVE-2019-20106
CWE-276
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1033)
CVE-2019-1033
CWE-707
Medium
Atlassian Jira CVE-2019-20410 Vulnerability (CVE-2019-20410)
CVE-2019-20410
-
Medium
Atlassian Jira CVE-2019-20418 Vulnerability (CVE-2019-20418)
CVE-2019-20418
-
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417)
CVE-2019-20417
CWE-601
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20416)
CVE-2019-20416
CWE-707
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20415)
CVE-2019-20415
CWE-352
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20414)
CVE-2019-20414
CWE-707
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-20412)
CVE-2019-20412
CWE-287
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20411)
CVE-2019-20411
CWE-352
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408)
CVE-2019-20408
CWE-918
Medium
MyBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20225)
CVE-2019-20225
CWE-601
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-20407)
CVE-2019-20407
CWE-862
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20405)
CVE-2019-20405
CWE-352
Medium
Atlassian Jira CVE-2019-20404 Vulnerability (CVE-2019-20404)
CVE-2019-20404
-
Medium
Atlassian Jira CVE-2019-20403 Vulnerability (CVE-2019-20403)
CVE-2019-20403
-
Medium
Atlassian Jira CVE-2019-20402 Vulnerability (CVE-2019-20402)
CVE-2019-20402
-
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20401)
CVE-2019-20401
CWE-352
Medium
Nginx Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20372)
CVE-2019-20372
CWE-444
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1036)
CVE-2019-1036
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1032)
CVE-2019-1032
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16738)
CVE-2019-16738
CWE-200
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17577)
CVE-2019-17577
CWE-707
Medium
Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-18348)
CVE-2019-18348
CWE-138
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18210)
CVE-2019-18210
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17674)
CVE-2019-17674
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17672)
CVE-2019-17672
CWE-707
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671)
CVE-2019-17671
CWE-200
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17660)
CVE-2019-17660
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17578)
CVE-2019-17578
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17576)
CVE-2019-17576
CWE-707
Medium