Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24542 vulnerabilities in 62 categories.

Critical: 1625 High: 13155 Medium: 8807 Low: 884 Information: 71
Vulnerability Name
CVE
CWE
Severity
XWiki Other Vulnerability (CVE-2023-26478)
CVE-2023-26478
-
High
XWiki Other Vulnerability (CVE-2023-29507)
CVE-2023-29507
-
High
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470)
CVE-2023-26470
CWE-787
High
XWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-7223)
CVE-2006-7223
CWE-264
Medium
XWiki Platform RCE (CVE-2023-37462)
CVE-2023-37462
CWE-95
High
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)
CVE-2023-48240
CWE-918
High
XWiki Transmission of Private Resources into a New Sphere ('Resource Leak') Vulnerability (CVE-2023-38509)
CVE-2023-38509
CWE-402
Medium
XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651)
CVE-2024-21651
CWE-400
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618)
CVE-2022-23618
CWE-601
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-29204)
CVE-2023-29204
CWE-601
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068)
CVE-2023-32068
CWE-601
Medium
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619)
CVE-2022-23619
CWE-640
High
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-66473)
CVE-2025-66473
CWE-770
High
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-40104)
CVE-2026-40104
CWE-770
High
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31985)
CVE-2024-31985
CWE-352
Medium
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986)
CVE-2024-31986
CWE-352
High
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988)
CVE-2024-31988
CWE-352
High
XWikiplatform CVE-2025-32972 Vulnerability (CVE-2025-32972)
CVE-2025-32972
-
Medium
XWikiplatform CVE-2025-48063 Vulnerability (CVE-2025-48063)
CVE-2025-48063
-
High
XWikiplatform CVE-2025-55749 Vulnerability (CVE-2025-55749)
CVE-2025-55749
-
High
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54124)
CVE-2025-54124
CWE-359
Medium
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54125)
CVE-2025-54125
CWE-359
Medium
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465)
CVE-2024-31465
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31982)
CVE-2024-31982
CWE-94
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984)
CVE-2024-31984
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31996)
CVE-2024-31996
CWE-94
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899)
CVE-2024-37899
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37900)
CVE-2024-37900
CWE-94
Medium
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901)
CVE-2024-37901
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877)
CVE-2024-55877
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-24893)
CVE-2025-24893
CWE-94
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49581)
CVE-2025-49581
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-51991)
CVE-2025-51991
CWE-94
High
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2024-55663)
CVE-2024-55663
CWE-116
Critical
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2025-32974)
CVE-2025-32974
CWE-116
Critical
XWikiplatform Improper Input Validation Vulnerability (CVE-2025-54385)
CVE-2025-54385
CWE-20
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947)
CVE-2024-41947
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-32430)
CVE-2025-32430
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-46558)
CVE-2025-46558
CWE-707
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-51990)
CVE-2025-51990
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-53835)
CVE-2025-53835
CWE-707
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-66472)
CVE-2025-66472
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-24128)
CVE-2026-24128
CWE-707
Medium
XWikiplatform Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2026-40105)
CVE-2026-40105
CWE-707
Medium
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-56158)
CVE-2024-56158
CWE-138
Critical
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32429)
CVE-2025-32429
CWE-138
Critical
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968)
CVE-2025-32968
CWE-138
High
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32969)
CVE-2025-32969
CWE-138
Critical
XWikiplatform Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2025-58049)
CVE-2025-58049
CWE-212
High
XWikiplatform Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2026-26000)
CVE-2026-26000
CWE-1021
Medium
XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662)
CVE-2024-55662
CWE-863
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-29924)
CVE-2025-29924
CWE-863
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-32971)
CVE-2025-32971
CWE-863
Low
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586)
CVE-2025-49586
CWE-863
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-53836)
CVE-2025-53836
CWE-863
High
XWikiplatform Incorrect Privilege Assignment Vulnerability (CVE-2025-49580)
CVE-2025-49580
CWE-266
High
XWikiplatform Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-49584)
CVE-2025-49584
CWE-201
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49582)
CVE-2025-49582
CWE-357
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49583)
CVE-2025-49583
CWE-357
Low
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49585)
CVE-2025-49585
CWE-357
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49587)
CVE-2025-49587
CWE-357
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981)
CVE-2024-31981
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983)
CVE-2024-31983
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987)
CVE-2024-31987
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997)
CVE-2024-31997
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-37898)
CVE-2024-37898
CWE-862
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591)
CVE-2024-45591
CWE-862
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876)
CVE-2024-55876
CWE-862
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55879)
CVE-2024-55879
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2025-23025)
CVE-2025-23025
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2025-29926)
CVE-2025-29926
CWE-862
Critical
XWikiplatform Missing Authorization Vulnerability (CVE-2025-32973)
CVE-2025-32973
CWE-862
Critical
XWikiplatform Missing Authorization Vulnerability (CVE-2025-46554)
CVE-2025-46554
CWE-862
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2025-46557)
CVE-2025-46557
CWE-862
Critical
XWikiplatform Missing Authorization Vulnerability (CVE-2026-33229)
CVE-2026-33229
CWE-862
Critical