Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-27299)
CVE-2024-27299
CWE-138
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-28107)
CVE-2024-28107
CWE-138
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-62519)
CVE-2025-62519
CWE-138
High
phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)
CVE-2023-1762
CWE-269
High
phpMyFAQ Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2017-11187)
CVE-2017-11187
CWE-307
Critical
phpMyFAQ Incorrect Authorization Vulnerability (CVE-2024-22208)
CVE-2024-22208
CWE-863
Medium
phpMyFAQ Insufficient Session Expiration Vulnerability (CVE-2023-5865)
CVE-2023-5865
CWE-613
Critical
phpMyFAQ Misinterpretation of Input Vulnerability (CVE-2023-0880)
CVE-2023-0880
CWE-115
Medium
phpMyFAQ Missing Authorization Vulnerability (CVE-2026-24421)
CVE-2026-24421
CWE-862
Medium
phpMyFAQ Missing Authorization Vulnerability (CVE-2026-27836)
CVE-2026-27836
CWE-862
High
phpMyFAQ Other Vulnerability (CVE-2004-2255)
CVE-2004-2255
-
Medium
phpMyFAQ Other Vulnerability (CVE-2004-2257)
CVE-2004-2257
-
Medium
phpMyFAQ Other Vulnerability (CVE-2005-0702)
CVE-2005-0702
-
Medium
phpMyFAQ Other Vulnerability (CVE-2005-3048)
CVE-2005-3048
-
Medium
phpMyFAQ Other Vulnerability (CVE-2005-3049)
CVE-2005-3049
-
Medium
phpMyFAQ Other Vulnerability (CVE-2005-3050)
CVE-2005-3050
-
Medium
phpMyFAQ Other Vulnerability (CVE-2005-3734)
CVE-2005-3734
-
Medium
phpMyFAQ Other Vulnerability (CVE-2006-6913)
CVE-2006-6913
-
High
phpMyFAQ Permission Issues Vulnerability (CVE-2014-6047)
CVE-2014-6047
-
Medium
phpMyFAQ Sensitive Cookie in HTTPS Session Without 'Secure' Attribute Vulnerability (CVE-2023-5866)
CVE-2023-5866
CWE-614
Medium
phpMyFAQ Uncaught Exception Vulnerability (CVE-2023-0790)
CVE-2023-0790
CWE-248
High
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5227)
CVE-2023-5227
CWE-434
Critical
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-28105)
CVE-2024-28105
CWE-434
High
phpMyFAQ User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2024-55889)
CVE-2024-55889
CWE-451
High
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2022-3754)
CVE-2022-3754
CWE-521
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0307)
CVE-2023-0307
CWE-521
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0793)
CVE-2023-0793
CWE-521
High
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-1753)
CVE-2023-1753
CWE-521
Critical
phpThumb() fltr[] parameter command injection vulnerability
CVE-2010-1598
CWE-20
High
PHPUnit Remote Code Execution
CVE-2017-9841
CWE-94
High
Phusion Passenger Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-12029)
CVE-2018-12029
CWE-362
High
Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16355)
CVE-2017-16355
CWE-200
Medium
Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-12027)
CVE-2018-12027
CWE-200
High
Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2013-4136)
CVE-2013-4136
CWE-59
Medium
Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-12026)
CVE-2018-12026
CWE-59
Critical
Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12028)
CVE-2018-12028
CWE-732
High
Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12615)
CVE-2018-12615
CWE-732
Medium
Phusion Passenger Other Vulnerability (CVE-2014-1831)
CVE-2014-1831
-
Low
Phusion Passenger Other Vulnerability (CVE-2014-1832)
CVE-2014-1832
-
Low
Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2119)
CVE-2013-2119
CWE-264
Medium
Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345)
CVE-2016-10345
CWE-264
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-1468)
CVE-2013-1468
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4613)
CVE-2014-4613
CWE-352
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4614)
CVE-2014-4614
CWE-352
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678)
CVE-2017-10678
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680)
CVE-2017-10680
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681)
CVE-2017-10681
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17774)
CVE-2017-17774
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17827)
CVE-2017-17827
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724)
CVE-2018-7724
CWE-352
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13363)
CVE-2019-13363
CWE-352
Critical
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-33359)
CVE-2023-33359
CWE-352
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26450)
CVE-2024-26450
CWE-352
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-48311)
CVE-2024-48311
CWE-352
High
Piwigo CVE-2014-4648 Vulnerability (CVE-2014-4648)
CVE-2014-4648
-
Critical
Piwigo Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-26267)
CVE-2022-26267
CWE-668
High
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3790)
CVE-2011-3790
CWE-200
Medium
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679)
CVE-2017-10679
CWE-200
High
Piwigo Improper Access Control Vulnerability (CVE-2016-10084)
CVE-2016-10084
CWE-284
High
Piwigo Improper Access Control Vulnerability (CVE-2016-10085)
CVE-2016-10085
CWE-284
High
Piwigo Improper Access Control Vulnerability (CVE-2016-10105)
CVE-2016-10105
CWE-284
Critical
Piwigo Improper Access Control Vulnerability (CVE-2016-10514)
CVE-2016-10514
CWE-284
Medium
Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2208)
CVE-2012-2208
CWE-22
High
Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1469)
CVE-2013-1469
CWE-22
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4039)
CVE-2009-4039
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1707)
CVE-2010-1707
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2209)
CVE-2012-2209
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4525)
CVE-2012-4525
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4526)
CVE-2012-4526
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1980)
CVE-2014-1980
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3900)
CVE-2014-3900
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2034)
CVE-2015-2034
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10083)
CVE-2016-10083
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10513)
CVE-2016-10513
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9751)
CVE-2016-9751
CWE-707
Medium