cbcvebase.

Acunetix Web Vulnerability Scanner vulnerabilities

5 known vulnerabilities affecting acunetix/web_vulnerability_scanner.

Total CVEs
5
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM1LOW1

Vulnerabilities

Page 1 of 1
CVE-2014-2994P2CRITICALCVSS 10.0PoCv82014-04-27
CVE-2014-2994 [CRITICAL] CWE-119 CVE-2014-2994: Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remo Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (src attribute).
nvd
CVE-2015-4027P3HIGHCVSS 7.2PoC≤ 102015-12-17
CVE-2015-4027 [HIGH] CWE-264 CVE-2015-4027: The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
nvd
CVE-2017-11673P3CRITICALCVSS 9.8v82017-07-27
CVE-2017-11673 [CRITICAL] CWE-20 CVE-2017-11673: Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of se Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at reporter!madTraceProcess."
nvd
CVE-2007-0120P4LOWCVSS 1.9PoC≤ 4.0_build_2006-07-172007-01-09
CVE-2007-0120 [LOW] CVE-2007-0120: Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to c Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to cause a denial of service (application crash) via multiple HTTP requests containing invalid Content-Length values.
nvd
CVE-2017-11674P4MEDIUMCVSS 5.5v82017-07-27
CVE-2017-11674 [MEDIUM] CWE-119 CVE-2017-11674: Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application crash) Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application crash) via a malformed PRE file, related to a "Read Access Violation starting at reporter!madTraceProcess."
nvd
Acunetix Web Vulnerability Scanner vulnerabilities | cvebase