Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23168 vulnerabilities in this category.

Critical: 1485 High: 12484 Medium: 8421 Low: 774 Information: 4
Vulnerability Name
CVE
CWE
Severity
Squid Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18677)
CVE-2019-18677
CWE-352
Medium
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17569)
CVE-2019-17569
CWE-444
Medium
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17567)
CVE-2019-17567
CWE-444
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17496)
CVE-2019-17496
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17223)
CVE-2019-17223
CWE-707
Medium
Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16935)
CVE-2019-16935
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16781)
CVE-2019-16781
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16780)
CVE-2019-16780
CWE-707
Medium
Joomla Missing Authorization Vulnerability (CVE-2019-18674)
CVE-2019-18674
CWE-862
Medium
Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-18678)
CVE-2019-18678
CWE-444
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1031)
CVE-2019-1031
CWE-707
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499)
CVE-2019-19499
CWE-200
Medium
Sqlite Improper Handling of Exceptional Conditions Vulnerability (CVE-2019-19924)
CVE-2019-19924
CWE-755
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19910)
CVE-2019-19910
CWE-707
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19845)
CVE-2019-19845
CWE-22
Medium
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
CVE-2019-19714
CWE-116
Medium
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)
CVE-2019-19712
CWE-276
Medium
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-19709)
CVE-2019-19709
CWE-601
Medium
Sqlite Uncontrolled Recursion Vulnerability (CVE-2019-19645)
CVE-2019-19645
CWE-674
Medium
silverstripeCMS Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2019-19326)
CVE-2019-19326
-
Medium
PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18793)
CVE-2019-18793
CWE-707
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19325)
CVE-2019-19325
CWE-707
Medium
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19242)
CVE-2019-19242
CWE-476
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19211)
CVE-2019-19211
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19210)
CVE-2019-19210
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19206)
CVE-2019-19206
CWE-707
Medium
Django Incorrect Default Permissions Vulnerability (CVE-2019-19118)
CVE-2019-19118
CWE-276
Medium
Squid Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-18860)
CVE-2019-18860
CWE-138
Medium
PleskWin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18793)
CVE-2019-18793
CWE-707
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14272)
CVE-2019-14272
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13397)
CVE-2019-13397
CWE-707
Medium
MySQL CVE-2018-3285 Vulnerability (CVE-2018-3285)
CVE-2018-3285
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8156)
CVE-2018-8156
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-9861)
CVE-2018-9861
CWE-707
Medium
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
CVE-2018-9481
CWE-190
Medium
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-8580)
CVE-2018-8580
CWE-200
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8572)
CVE-2018-8572
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8568)
CVE-2018-8568
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8254)
CVE-2018-8254
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8252)
CVE-2018-8252
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8155)
CVE-2018-8155
CWE-707
Medium
Oracle HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-0197)
CVE-2019-0197
CWE-444
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8149)
CVE-2018-8149
CWE-707
Medium
Ext JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8046)
CVE-2018-8046
CWE-707
Medium
Apache Traffic Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2018-8040)
CVE-2018-8040
CWE-668
Medium
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)
CVE-2018-8037
CWE-362
Medium
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-8005)
CVE-2018-8005
CWE-400
Medium
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2018-8004)
CVE-2018-8004
CWE-444
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724)
CVE-2018-7724
CWE-352
Medium
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0196)
CVE-2019-0196
CWE-416
Medium
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-0197)
CVE-2019-0197
CWE-444
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7722)
CVE-2018-7722
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0950)
CVE-2019-0950
CWE-707
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10092)
CVE-2019-10092
CWE-707
Medium
Lodash Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-1010266)
CVE-2019-1010266
CWE-770
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1010091)
CVE-2019-1010091
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1010016)
CVE-2019-1010016
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1003050)
CVE-2019-1003050
CWE-707
Medium
Chamilo Missing Authorization Vulnerability (CVE-2019-1000017)
CVE-2019-1000017
CWE-862
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1000015)
CVE-2019-1000015
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0949)
CVE-2019-0949
CWE-707
Medium
Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)
CVE-2019-0220
CWE-706
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0831)
CVE-2019-0831
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0830)
CVE-2019-0830
CWE-707
Medium
MSSQL information disclosure vulnerability (CVE-2019-0819)
CVE-2019-0819
-
Medium
SharePoint CVE-2019-0562 Vulnerability (CVE-2019-0562)
CVE-2019-0562
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0558)
CVE-2019-0558
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0557)
CVE-2019-0557
CWE-707
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0221)
CVE-2019-0221
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7723)
CVE-2018-7723
CWE-707
Medium
Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)
CVE-2018-7537
CWE-185
Medium
PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10129)
CVE-2019-10129
CWE-125
Medium
Oracle Application Server Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2018-5407)
CVE-2018-5407
-
Medium
PHP Incorrect Conversion between Numeric Types Vulnerability (CVE-2018-5711)
CVE-2018-5711
CWE-681
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5692)
CVE-2018-5692
CWE-707
Medium