Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808)
CVE-2021-32808
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32809)
CVE-2021-32809
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37695)
CVE-2021-37695
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48110)
CVE-2022-48110
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28439)
CVE-2023-28439
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24815)
CVE-2024-24815
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24816)
CVE-2024-24816
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43407)
CVE-2024-43407
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45613)
CVE-2024-45613
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-61261)
CVE-2025-61261
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-28343)
CVE-2026-28343
CWE-707
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271)
CVE-2021-26271
CWE-829
Medium
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272)
CVE-2021-26272
CWE-829
Medium
CKEditor Other Vulnerability (CVE-2022-24729)
CVE-2022-24729
-
High
CKEditor Uncontrolled Resource Consumption Vulnerability (CVE-2021-21254)
CVE-2021-21254
CWE-400
Medium
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)
CVE-2023-31541
CWE-434
Critical
Claroline Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3262)
CVE-2008-3262
CWE-352
Medium
Claroline Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3716)
CVE-2011-3716
CWE-200
Medium
Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844)
CVE-2006-4844
CWE-94
Medium
Claroline Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3261)
CVE-2008-3261
CWE-59
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3260)
CVE-2008-3260
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3315)
CVE-2008-3315
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1907)
CVE-2009-1907
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4753)
CVE-2013-4753
CWE-707
Low
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6267)
CVE-2013-6267
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37160)
CVE-2022-37160
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37161)
CVE-2022-37161
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37162)
CVE-2022-37162
CWE-707
Medium
Claroline Other Vulnerability (CVE-2005-1374)
CVE-2005-1374
-
Medium
Claroline Other Vulnerability (CVE-2005-1375)
CVE-2005-1375
-
High
Claroline Other Vulnerability (CVE-2005-1376)
CVE-2005-1376
-
High
Claroline Other Vulnerability (CVE-2005-1377)
CVE-2005-1377
-
High
Claroline Other Vulnerability (CVE-2006-0411)
CVE-2006-0411
-
Critical
Claroline Other Vulnerability (CVE-2006-1594)
CVE-2006-1594
-
High
Claroline Other Vulnerability (CVE-2006-1595)
CVE-2006-1595
-
Medium
Claroline Other Vulnerability (CVE-2006-1596)
CVE-2006-1596
-
High
Claroline Other Vulnerability (CVE-2006-2284)
CVE-2006-2284
-
Medium
Claroline Other Vulnerability (CVE-2006-2868)
CVE-2006-2868
-
Medium
Claroline Other Vulnerability (CVE-2006-3257)
CVE-2006-3257
-
Medium
Claroline Other Vulnerability (CVE-2006-5256)
CVE-2006-5256
-
High
Claroline Other Vulnerability (CVE-2006-7048)
CVE-2006-7048
-
High
Claroline Other Vulnerability (CVE-2007-3517)
CVE-2007-3517
-
Medium
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
CVE-2022-37159
CWE-434
Critical
Cleo Harmony/VLTrader/LexiCom RCE (CVE-2024-50623, CVE-2024-55956)
CVE-2024-55956
CWE-434
Critical
Clickjacking: CSP frame-ancestors missing
-
CWE-1021
Low
Client Side Template Injection
-
CWE-116
High
Client-Side Prototype Pollution
-
-
High
ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)
CVE-2011-3717
CWE-200
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6642)
CVE-2012-6642
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6644)
CVE-2012-6644
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4673)
CVE-2015-4673
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307)
CVE-2016-1000307
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848)
CVE-2016-4848
CWE-707
Medium
ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)
CVE-2018-7664
CWE-138
Critical
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849)
CVE-2012-5849
CWE-138
High
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643)
CVE-2012-6643
CWE-138
High
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)
CVE-2018-7666
CWE-138
Critical
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2013-10040)
CVE-2013-10040
CWE-434
Critical
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)
CVE-2018-7665
CWE-434
Critical
Clockwork PHP dev tool enabled
-
CWE-200
Medium
Cloud metadata publicly exposed
-
CWE-918
High
CloudPanel file-manager Auth bypass (CVE-2023-35885)
CVE-2023-35885
CWE-565
Critical
Cmd hijack vulnerability
-
CWE-94
High
Code Evaluation (Apache Struts) S2-016
CVE-2013-2251
CWE-20
Critical
Code Evaluation (Apache Struts) S2-045
CVE-2017-5638
CWE-94
Critical
Code Evaluation (Apache Struts) S2-046
CVE-2017-5638
CWE-94
High
Code Evaluation (ASP)
-
CWE-95
Critical
Code Evaluation (Perl)
-
CWE-94
Critical
Code Evaluation (PHP)
-
CWE-94
Critical
Code Evaluation (Python)
-
CWE-95
Critical
Code Evaluation (Ruby)
-
CWE-94
Critical
Code Execution via WebDav
-
CWE-434
High