Web Application Vulnerabilities Index

This page lists vulnerabilities categorized as Critical severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Out of Band Code Execution via SSTI (Java FreeMarker)
Out of Band Code Execution via SSTI (Java FreeMarker)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Java Velocity)
Out of Band Code Execution via SSTI (Java Velocity)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Node.js Dot)
Out of Band Code Execution via SSTI (Node.js Dot)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Node.js EJS)
Out of Band Code Execution via SSTI (Node.js EJS)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Node.js Marko)
Out of Band Code Execution via SSTI (Node.js Marko)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks)
Out of Band Code Execution via SSTI (Node.js Nunjucks)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade))
Out of Band Code Execution via SSTI (Node.js Pug (Jade))
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (PHP Smarty)
Out of Band Code Execution via SSTI (PHP Smarty)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (PHP Twig)
Out of Band Code Execution via SSTI (PHP Twig)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Python Jinja)
Out of Band Code Execution via SSTI (Python Jinja)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Python Mako)
Out of Band Code Execution via SSTI (Python Mako)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Code Execution via SSTI (Python Tornado)
Out of Band Code Execution via SSTI (Python Tornado)
CAPEC-23
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Out of Band Command Injection
Out of Band Command Injection
CAPEC-88
, 
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-78
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-31
, 
Critical
Out of Band Remote File Inclusion
Out of Band Remote File Inclusion
CAPEC-193
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-98
, 
HIPAA-164.306(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-5
, 
Critical
Out of Band SQL Injection
Out of Band SQL Injection
CAPEC-66
, 
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-89
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-19
, 
Critical
Palo Alto PAN-OS Management Interface Auth Bypass (CVE-2024-0012/CVE-2024-9474)
Palo Alto PAN-OS Management Interface Auth Bypass (CVE-2024-0012/CVE-2024-9474)
CWE-CWE-306
, 
Critical
PAN-OS Management Interface Authentication Bypass (CVE-2025-0108)
PAN-OS Management Interface Authentication Bypass (CVE-2025-0108)
CWE-CWE-287
, 
Critical
Private Json Web Key Set Disclosure
Private Json Web Key Set Disclosure
CAPEC-118
, 
CWE-200
, 
ISO27001-A.18.1.4
, 
WASC-13
, 
Critical
RegreSSHion Attack (CVE-2024-6387)
RegreSSHion Attack (CVE-2024-6387)
CAPEC-26
, 
CWE-366
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.5.1
, 
Critical
Remote Code Execution and DoS in HTTP.sys (IIS)
Remote Code Execution and DoS in HTTP.sys (IIS)
CAPEC-340
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:W/RC:C
, 
CWE-20
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-7
, 
Critical
Remote Code Execution (Spring4Shell)
Remote Code Execution (Spring4Shell)
CAPEC-242
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Remote File Inclusion
Remote File Inclusion
CAPEC-193
, 
CWE-98
, 
HIPAA-164.306(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-5
, 
Critical
Server-Side Request Forgery (Equinix)
Server-Side Request Forgery (Equinix)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
, 
CWE-918
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
Critical
Server-Side Request Forgery (Oracle Cloud)
Server-Side Request Forgery (Oracle Cloud)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
, 
CWE-918
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
Critical
Server-Side Request Forgery (Packet Cloud)
Server-Side Request Forgery (Packet Cloud)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
, 
CWE-918
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
Critical
Server-Side Request Forgery (trace.axd)
Server-Side Request Forgery (trace.axd)
CAPEC-347
, 
CWE-918
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.6
, 
WASC-15
, 
Critical
Server-Side Template Injection
Server-Side Template Injection
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (ASP.NET Razor)
Server-Side Template Injection (ASP.NET Razor)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (Java FreeMarker)
Server-Side Template Injection (Java FreeMarker)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (Java Pebble)
Server-Side Template Injection (Java Pebble)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (Java Velocity)
Server-Side Template Injection (Java Velocity)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (JinJava)
Server-Side Template Injection (JinJava)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (Node.js Dot)
Server-Side Template Injection (Node.js Dot)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (Node.js EJS)
Server-Side Template Injection (Node.js EJS)
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Server-Side Template Injection (Ruby ERB)
Server-Side Template Injection (Ruby ERB)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-74
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
SharePoint "ToolShell" RCE (CVE-2025-49704/CVE-2025-49706/CVE-2025-53770/CVE-2025-53771)
SharePoint "ToolShell" RCE (CVE-2025-49704/CVE-2025-49706/CVE-2025-53770/CVE-2025-53771)
CWE-CWE-502
, 
Critical
Sitecore XM/XP Insecure Deserialization (CVE-2025-27218)
Sitecore XM/XP Insecure Deserialization (CVE-2025-27218)
CWE-CWE-502
, 
Critical
SQL Injection
SQL Injection
CAPEC-66
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-89
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-19
, 
Critical
SQL Injection (IAST)
SQL Injection (IAST)
CAPEC-66
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-89
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-19
, 
Critical
Text4Shell Remote Code Execution - (CVE-2022-42889)
Text4Shell Remote Code Execution - (CVE-2022-42889)
CAPEC-242
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A01
, 
PCI v3.2-6.5.1
, 
Critical
TorchServe Management API SSRF (CVE-2023-43654)
TorchServe Management API SSRF (CVE-2023-43654)
CWE-918
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
Critical
VMware Aria Operations for Networks Remote Code Execution (CVE-2023-20887)
VMware Aria Operations for Networks Remote Code Execution (CVE-2023-20887)
CAPEC-242
, 
CWE-94
, 
HIPAA-164.206(a)
, 
164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Web Backdoor Detected
Web Backdoor Detected
CAPEC-443
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-507
, 
HIPAA-164.308(a)
, 
ISO27001-A.12.2.1
, 
OWASP 2017-A10
, 
PCI v3.2-6.5.6
, 
Critical
Web Cache Deception
Web Cache Deception
CAPEC-CAPEC
, 
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
, 
ISO27001-A.14.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-2.2.3
, 
WASC-6
, 
Critical
Wing FTP Server RCE (CVE-2025-47812)
Wing FTP Server RCE (CVE-2025-47812)
CWE-CWE-158
, 
Critical