Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23168 vulnerabilities in this category.

Critical: 1485 High: 12484 Medium: 8421 Low: 774 Information: 4
Vulnerability Name
CVE
CWE
Severity
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)
CVE-2018-5690
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5689)
CVE-2018-5689
CWE-707
Medium
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-5682)
CVE-2018-5682
CWE-200
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5681)
CVE-2018-5681
CWE-707
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5478)
CVE-2018-5478
CWE-707
Medium
OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2018-5407)
CVE-2018-5407
-
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5715)
CVE-2018-5715
CWE-707
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5307)
CVE-2018-5307
CWE-707
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5306)
CVE-2018-5306
CWE-707
Medium
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-5301)
CVE-2018-5301
CWE-352
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5232)
CVE-2018-5232
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5230)
CVE-2018-5230
CWE-707
Medium
Lodash CVE-2018-3721 Vulnerability (CVE-2018-3721)
CVE-2018-3721
-
Medium
MySQL CVE-2018-3286 Vulnerability (CVE-2018-3286)
CVE-2018-3286
-
Medium
PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5712)
CVE-2018-5712
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5776)
CVE-2018-5776
CWE-707
Medium
Django Incorrect Regular Expression Vulnerability (CVE-2018-7536)
CVE-2018-7536
CWE-185
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6944)
CVE-2018-6944
CWE-707
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7305)
CVE-2018-7305
CWE-352
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7260)
CVE-2018-7260
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7202)
CVE-2018-7202
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7196)
CVE-2018-7196
CWE-707
Medium
osTicket Integer Overflow or Wraparound Vulnerability (CVE-2018-7194)
CVE-2018-7194
CWE-190
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7193)
CVE-2018-7193
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7192)
CVE-2018-7192
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6905)
CVE-2018-6905
CWE-707
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5950)
CVE-2018-5950
CWE-707
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6883)
CVE-2018-6883
CWE-138
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6844)
CVE-2018-6844
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6380)
CVE-2018-6380
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6379)
CVE-2018-6379
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6378)
CVE-2018-6378
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6377)
CVE-2018-6377
CWE-707
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6356)
CVE-2018-6356
CWE-22
Medium
React Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6341)
CVE-2018-6341
CWE-707
Medium
Apache HTTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-10098)
CVE-2019-10098
CWE-601
Medium
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)
CVE-2019-10130
CWE-284
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13376)
CVE-2019-13376
CWE-352
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)
CVE-2019-11876
CWE-707
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-12309)
CVE-2019-12309
CWE-22
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12308)
CVE-2019-12308
CWE-707
Medium
silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12246)
CVE-2019-12246
CWE-352
Medium
silverstripeCMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-12245)
CVE-2019-12245
CWE-732
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12205)
CVE-2019-12205
CWE-707
Medium
silverstripeCMS Session Fixation Vulnerability (CVE-2019-12203)
CVE-2019-12203
CWE-384
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)
CVE-2019-11876
CWE-707
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11870)
CVE-2019-11870
CWE-707
Medium
Twisted Web HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-12387)
CVE-2019-12387
CWE-138
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11846)
CVE-2019-11846
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11809)
CVE-2019-11809
CWE-707
Medium
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-11767)
CVE-2019-11767
CWE-918
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11629)
CVE-2019-11629
CWE-707
Medium
WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11592)
CVE-2019-11592
CWE-707
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11589)
CVE-2019-11589
CWE-601
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11588)
CVE-2019-11588
CWE-352
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386)
CVE-2019-12386
CWE-707
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2019-12400)
CVE-2019-12400
CWE-20
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11586)
CVE-2019-11586
CWE-352
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12748)
CVE-2019-12748
CWE-707
Medium
Squid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13345)
CVE-2019-13345
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13068)
CVE-2019-13068
CWE-707
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12922)
CVE-2019-12922
CWE-352
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12823)
CVE-2019-12823
CWE-707
Medium
Django Cleartext Transmission of Sensitive Information Vulnerability (CVE-2019-12781)
CVE-2019-12781
CWE-319
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12766)
CVE-2019-12766
CWE-707
Medium
Joomla CVE-2019-12764 Vulnerability (CVE-2019-12764)
CVE-2019-12764
-
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12616)
CVE-2019-12616
CWE-352
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2019-12400)
CVE-2019-12400
CWE-20
Medium
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)
CVE-2019-12529
CWE-200
Medium
Squid Improper Privilege Management Vulnerability (CVE-2019-12522)
CVE-2019-12522
CWE-269
Medium
Squid Out-of-bounds Write Vulnerability (CVE-2019-12521)
CVE-2019-12521
CWE-787
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12471)
CVE-2019-12471
CWE-707
Medium
MediaWiki Missing Authorization Vulnerability (CVE-2019-12470)
CVE-2019-12470
CWE-862
Medium
MediaWiki Missing Authorization Vulnerability (CVE-2019-12469)
CVE-2019-12469
CWE-862
Medium
MediaWiki CVE-2019-12467 Vulnerability (CVE-2019-12467)
CVE-2019-12467
-
Medium