Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4668)
CVE-2012-4668
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6121)
CVE-2012-6121
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5645)
CVE-2013-5645
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5381)
CVE-2015-5381
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6820)
CVE-2017-6820
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19206)
CVE-2018-19206
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12625)
CVE-2020-12625
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13964)
CVE-2020-13964
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13965)
CVE-2020-13965
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15562)
CVE-2020-15562
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-16145)
CVE-2020-16145
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18670)
CVE-2020-18670
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18671)
CVE-2020-18671
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35730)
CVE-2020-35730
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26925)
CVE-2021-26925
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44025)
CVE-2021-44025
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46144)
CVE-2021-46144
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43770)
CVE-2023-43770
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47272)
CVE-2023-47272
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5631)
CVE-2023-5631
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-37383)
CVE-2024-37383
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-37384)
CVE-2024-37384
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-42008)
CVE-2024-42008
CWE-707
Critical
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-42009)
CVE-2024-42009
CWE-707
Critical
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-68461)
CVE-2025-68461
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-35539)
CVE-2026-35539
CWE-707
Medium
Roundcube Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-57004)
CVE-2024-57004
CWE-707
Medium
Roundcube Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-37385)
CVE-2024-37385
CWE-138
Critical
Roundcube Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6172)
CVE-2013-6172
CWE-138
High
Roundcube Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-44026)
CVE-2021-44026
CWE-138
Critical
Roundcube Improper Privilege Management Vulnerability (CVE-2017-8114)
CVE-2017-8114
CWE-269
High
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35540)
CVE-2026-35540
CWE-669
Medium
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35542)
CVE-2026-35542
CWE-669
Medium
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35543)
CVE-2026-35543
CWE-669
Medium
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35544)
CVE-2026-35544
CWE-669
Medium
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35545)
CVE-2026-35545
CWE-669
High
Roundcube Multiple Buffer Overflow Vulnerabilities (CVE-2015-2181)
CVE-2015-2181
-
High
Roundcube Multiple Cross-site Request Forgery (CSRF) Vulnerabilities (CVE-2014-9587)
CVE-2014-9587
-
Medium
Roundcube Resource Management Errors Vulnerability (CVE-2008-5620)
CVE-2008-5620
-
High
Roundcube Resource Management Errors Vulnerability (CVE-2011-4078)
CVE-2011-4078
-
Medium
Roundcube security updates 0.8.6 and 0.7.3
CVE-2013-1904
CWE-22
High
Roundcube Unspesificed Vulnerability (CVE-2018-1000071)
CVE-2018-1000071
-
High
Roundcube Unspesificed Vulnerability (CVE-2018-9846)
CVE-2018-9846
-
High
Roundcube Unspesificed Vulnerability (CVE-2019-10740)
CVE-2019-10740
-
Medium
Roundcube Unspesificed Vulnerability (CVE-2019-15237)
CVE-2019-15237
-
High
RSA Private Key Detected
-
CWE-200
High
Ruby 7PK - Security Features Vulnerability (CVE-2015-3900)
CVE-2015-3900
-
Medium
Ruby Cryptographic Issues Vulnerability (CVE-2011-2686)
CVE-2011-2686
-
Medium
Ruby Cryptographic Issues Vulnerability (CVE-2012-5371)
CVE-2012-5371
-
Medium
Ruby Cryptographic Issues Vulnerability (CVE-2013-4073)
CVE-2013-4073
-
Medium
Ruby Cryptographic Issues Vulnerability (CVE-2013-4287)
CVE-2013-4287
-
Medium
Ruby Cryptographic Issues Vulnerability (CVE-2013-4363)
CVE-2013-4363
-
Medium
Ruby CVE-2018-16395 Vulnerability (CVE-2018-16395)
CVE-2018-16395
-
Critical
Ruby CVE-2018-16396 Vulnerability (CVE-2018-16396)
CVE-2018-16396
-
High
Ruby CVE-2019-15845 Vulnerability (CVE-2019-15845)
CVE-2019-15845
-
Medium
Ruby CVE-2021-41819 Vulnerability (CVE-2021-41819)
CVE-2021-41819
-
High
Ruby Double Free Vulnerability (CVE-2022-28738)
CVE-2022-28738
CWE-415
Critical
Ruby Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31810)
CVE-2021-31810
CWE-668
Medium
Ruby Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-10933)
CVE-2020-10933
CWE-200
Medium
Ruby framework weak secret key
-
CWE-693
High
Ruby Improper Authentication Vulnerability (CVE-2007-5162)
CVE-2007-5162
CWE-287
Medium
Ruby Improper Authentication Vulnerability (CVE-2007-5770)
CVE-2007-5770
CWE-287
Medium
Ruby Improper Authentication Vulnerability (CVE-2008-3905)
CVE-2008-3905
CWE-287
Medium
Ruby Improper Authentication Vulnerability (CVE-2009-0642)
CVE-2009-0642
CWE-287
Medium
Ruby Improper Authentication Vulnerability (CVE-2017-10784)
CVE-2017-10784
CWE-287
High
Ruby Improper Authentication Vulnerability (CVE-2019-16201)
CVE-2019-16201
CWE-287
High
Ruby Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16255)
CVE-2019-16255
CWE-94
High
Ruby Improper Input Validation Vulnerability (CVE-2008-3657)
CVE-2008-3657
CWE-20
High
Ruby Improper Input Validation Vulnerability (CVE-2008-3790)
CVE-2008-3790
CWE-20
Medium
Ruby Improper Input Validation Vulnerability (CVE-2009-4492)
CVE-2009-4492
CWE-20
Medium
Ruby Improper Input Validation Vulnerability (CVE-2009-5147)
CVE-2009-5147
CWE-20
High
Ruby Improper Input Validation Vulnerability (CVE-2011-2705)
CVE-2011-2705
CWE-20
Medium
Ruby Improper Input Validation Vulnerability (CVE-2011-4815)
CVE-2011-4815
CWE-20
High
Ruby Improper Input Validation Vulnerability (CVE-2013-1821)
CVE-2013-1821
CWE-20
Medium
Ruby Improper Input Validation Vulnerability (CVE-2015-1855)
CVE-2015-1855
CWE-20
Medium