Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5501)
CVE-2020-5501
CWE-352
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5502)
CVE-2020-5502
CWE-352
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-70810)
CVE-2025-70810
CWE-352
High
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-70811)
CVE-2025-70811
CWE-352
Medium
phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)
CVE-2008-3224
-
Critical
phpBB CVE-2008-4125 Vulnerability (CVE-2008-4125)
CVE-2008-4125
-
Medium
phpBB CVE-2008-6507 Vulnerability (CVE-2008-6507)
CVE-2008-6507
-
Medium
phpBB CVE-2010-1630 Vulnerability (CVE-2010-1630)
CVE-2010-1630
-
High
phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-2346)
CVE-2002-2346
CWE-200
Medium
phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-7143)
CVE-2008-7143
CWE-200
Medium
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5173)
CVE-2007-5173
CWE-94
Medium
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16108)
CVE-2019-16108
CWE-94
High
phpBB Improper Initialization Vulnerability (CVE-2001-1471)
CVE-2001-1471
CWE-665
High
phpBB Improper Input Validation Vulnerability (CVE-2006-2220)
CVE-2006-2220
CWE-20
Medium
phpBB Improper Input Validation Vulnerability (CVE-2019-9826)
CVE-2019-9826
CWE-20
High
phpBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-25685)
CVE-2019-25685
CWE-22
High
phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2002-2255)
CVE-2002-2255
CWE-707
Medium
phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0544)
CVE-2011-0544
CWE-707
Medium
phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1431)
CVE-2015-1431
CWE-707
Medium
phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5917)
CVE-2023-5917
CWE-707
Medium
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2003-1530)
CVE-2003-1530
CWE-138
High
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-4653)
CVE-2007-4653
CWE-138
High
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-5688)
CVE-2007-5688
CWE-138
High
phpBB Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2018-19274)
CVE-2018-19274
CWE-915
High
phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6506)
CVE-2008-6506
CWE-264
Medium
phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1627)
CVE-2010-1627
CWE-264
Medium
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000419)
CVE-2017-1000419
CWE-918
High
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-11767)
CVE-2019-11767
CWE-918
Medium
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-8226)
CVE-2020-8226
CWE-918
Medium
phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880)
CVE-2015-3880
CWE-601
Medium
Phpfastcache phpinfo publicly accessible (CVE-2021-37704)
CVE-2021-37704
CWE-200
Medium
PHPFusion Code Execution Vulnerability (CVE-2019-12099)
CVE-2019-12099
-
High
PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596)
CVE-2014-8596
-
High
PHPinfo pages
-
CWE-200
Medium
phpList Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2020-8547)
CVE-2020-8547
CWE-843
Critical
phpList Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-2916)
CVE-2014-2916
CWE-352
Medium
phpList CVE-2017-20031 Vulnerability (CVE-2017-20031)
CVE-2017-20031
-
Low
phpList CVE-2023-27576 Vulnerability (CVE-2023-27576)
CVE-2023-27576
-
Medium
phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)
CVE-2008-6178
CWE-94
High
phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-3188)
CVE-2021-3188
CWE-1236
Critical
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2741)
CVE-2012-2741
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3952)
CVE-2012-3952
CWE-707
Low
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4246)
CVE-2012-4246
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4247)
CVE-2012-4247
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20033)
CVE-2017-20033
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20034)
CVE-2017-20034
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20035)
CVE-2017-20035
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20036)
CVE-2017-20036
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12639)
CVE-2020-12639
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13827)
CVE-2020-13827
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15073)
CVE-2020-15073
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22251)
CVE-2020-22251
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23190)
CVE-2020-23190
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23192)
CVE-2020-23192
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23194)
CVE-2020-23194
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23207)
CVE-2020-23207
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23208)
CVE-2020-23208
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23209)
CVE-2020-23209
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23214)
CVE-2020-23214
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23217)
CVE-2020-23217
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36398)
CVE-2020-36398
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36399)
CVE-2020-36399
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-28073)
CVE-2025-28073
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-28074)
CVE-2025-28074
CWE-707
Medium
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2740)
CVE-2012-2740
CWE-138
High
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-3953)
CVE-2012-3953
CWE-138
High
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20029)
CVE-2017-20029
CWE-138
Critical
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20030)
CVE-2017-20030
CWE-138
High
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20032)
CVE-2017-20032
CWE-138
Critical
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15072)
CVE-2020-15072
CWE-138
High
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35708)
CVE-2020-35708
CWE-138
High
phpList Incorrect Comparison Vulnerability (CVE-2020-23361)
CVE-2020-23361
CWE-697
Critical
phpList Other Vulnerability (CVE-2006-5524)
CVE-2006-5524
-
Medium
phpList Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-22249)
CVE-2020-22249
CWE-434
Critical
phpLiteAdmin default password
-
CWE-200
High