Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

Critical Severity Vulnerabilities

Found 2862 vulnerabilities at Critical severity.

Reference
Title
Technology
CVE-2025-6965
Sqlite Numeric Truncation Error Vulnerability
Sqlite
CVE-2025-7458
Sqlite Integer Overflow or Wraparound Vulnerability
Sqlite
CVE-2025-3277
Sqlite Integer Overflow or Wraparound Vulnerability
Sqlite
CVE-2022-41853
HSQLDB Vulnerability
HSQLDB
CVE-2020-36157
WordPress Ultimate Member Plugin Vulnerability
WordPress Ultimate Member Plugin
CVE-2020-36155
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability
WordPress Ultimate Member Plugin
CVE-2023-3460
Unauthorized Admin Access for Ultimate Member plugin
WordPress Ultimate Member Plugin
CVE-2024-1071
WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
WordPress Ultimate Member Plugin
CVE-2022-26352
Dot CMS Other Vulnerability
Dot CMS
CVE-2020-19138
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability
Dot CMS
CVE-2020-6754
Dot CMS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Dot CMS
CVE-2017-5344
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-2355
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2016-8902
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2025-11165
Dot CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dot CMS
CVE-2022-22947
Spring Cloud Gateway Improper Neutralization of Special Elements used in an Expression Language Statement (Expression La Vulnerability
Spring Cloud Gateway
CVE-2023-6971
Wordpress Plugin Backup Migration Inclusion of Functionality from Untrusted Control Sphere Vulnerability
Wordpress Plugin Backup Migration
CVE-2023-6972
Wordpress Plugin Backup Migration Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Wordpress Plugin Backup Migration
CVE-2023-6553
Wordpress Plugin Backup Migration Vulnerability
Wordpress Plugin Backup Migration
CVE-2017-15535
MongoDb Vulnerability
MongoDb
CVE-2024-1351
MongoDb Improper Certificate Validation Vulnerability
MongoDb
CVE-2024-8654
MongoDb Use of Uninitialized Resource Vulnerability
MongoDb
CVE-2025-3085
MongoDb Improper Check for Certificate Revocation Vulnerability
MongoDb
CVE-2023-25157
GeoServer Improper Neutralization of Special Elements used in an SQL Command
GeoServer
CVE-2023-43795
GeoServer Server-Side Request Forgery
GeoServer
CVE-2023-35042
GeoServer Vulnerability
GeoServer
CVE-2024-36401
GeoServer Improper Control of Generation of Code (Code Injection) Vulnerability
GeoServer
CVE-2025-30220
GeoServer Improper Control of Generation of Code (Code Injection) Vulnerability
GeoServer
CVE-2025-58360
GeoServer Improper Restriction of XML External Entity Reference Vulnerability
GeoServer
No CVE number
WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities
WP Plugin 1 Flash Gallery