Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

High Severity Vulnerabilities

Found 5664 vulnerabilities at High severity.

Reference
Title
Technology
CVE-2025-62399
Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability
Moodle
CVE-2025-67853
Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability
Moodle
CVE-2025-67851
Moodle Improper Neutralization of Formula Elements in a CSV File Vulnerability
Moodle
CVE-2025-67848
Moodle Improper Handling of Insufficient Permissions or Privileges Vulnerability
Moodle
CVE-2026-26046
Moodle Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Moodle
CVE-2026-26045
Moodle Improper Control of Generation of Code (Code Injection) Vulnerability
Moodle
CVE-2025-67847
Moodle Improper Control of Generation of Code (Code Injection) Vulnerability
Moodle
CVE-2020-5745
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
TCExam
CVE-2021-20114
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
TCExam
CVE-2020-24986
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability
concrete5
CVE-2020-11476
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability
concrete5
CVE-2015-4724
concrete5 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
concrete5
CVE-2018-13790
concrete5 Server-Side Request Forgery (SSRF) Vulnerability
concrete5
CVE-2021-3980
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability
Elgg
CVE-2019-11378
ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability
ProjectSend
CVE-2020-28874
ProjectSend Improper Privilege Management Vulnerability
ProjectSend
CVE-2021-40884
ProjectSend Incorrect Authorization Vulnerability
ProjectSend
CVE-2018-7201
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability
ProjectSend
CVE-2019-11492
ProjectSend Insertion of Sensitive Information into Log File Vulnerability
ProjectSend
CVE-2024-7659
ProjectSend Use of Insufficiently Random Values Vulnerability
ProjectSend
CVE-2023-53930
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability
ProjectSend
CVE-2023-53905
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability
ProjectSend
CVE-2020-7746
Chart.js Improper Input Validation Vulnerability
Chart.js
CVE-2020-28496
Three.js Uncontrolled Resource Consumption Vulnerability
Three.js
CVE-2019-11458
CakePHP Deserialization of Untrusted Data Vulnerability
CakePHP
CVE-2016-4793
CakePHP Improper Input Validation Vulnerability
CakePHP
CVE-2020-35239
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
CakePHP
CVE-2010-4335
CakePHP Improper Input Validation Vulnerability
CakePHP
CVE-2015-8379
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
CakePHP
CVE-2017-5480
b2evolution Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
b2evolution