Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
FluxBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-10029)
CVE-2014-10029
CWE-138
High
FluxBB Other Vulnerability (CVE-2014-10030)
CVE-2014-10030
-
Medium
FluxBB Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2020-28873)
CVE-2020-28873
CWE-916
High
ForgeRock AM / OpenAM Deserialization RCE (CVE-2021-35464)
CVE-2021-35464
CWE-502
High
ForgeRock OpenAM Deserialization RCE (CVE-2021-29156)
CVE-2021-29156
CWE-502
High
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
CVE-2018-13379
CWE-22
High
Fortinet Authentication bypass on administrative interface
CVE-2022-40684
CWE-288
High
Fortinet FortiNAC RCE via arbitrary file upload
CVE-2022-39952
CWE-73
High
Fortinet Out-Of-Bound Memory Write RCE (CVE-2024-21762)
CVE-2024-21762
CWE-787
Critical
FortiWeb Authentication Bypass (CVE-2025-64446)
CVE-2025-58034
CWE-23
Critical
FrontAccounting Cross-site Request Forgery (CSRF) Vulnerability (CVE-2018-7176)
CVE-2018-7176
-
High
Frontaccounting Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3740)
CVE-2011-3740
CWE-200
Medium
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5117)
CVE-2007-5117
CWE-94
Critical
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5148)
CVE-2007-5148
CWE-94
Medium
Frontaccounting Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-21244)
CVE-2020-21244
CWE-22
Medium
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4037)
CVE-2009-4037
CWE-138
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4045)
CVE-2009-4045
CWE-138
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000890)
CVE-2018-1000890
CWE-138
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5720)
CVE-2019-5720
CWE-138
Critical
FrontAccounting Multiple SQL Injection Vulnerabilities (CVE-2014-3973)
CVE-2014-3973
-
High
Frontaccounting Other Vulnerability (CVE-2007-4279)
CVE-2007-4279
-
High
Frontpage authors.pwd available
-
CWE-538
Medium
FrontPage Identified
-
CWE-200
Low
Full public read access Azure blob storage
-
CWE-732
Medium
Gallery 3.0.4 remote code execution
-
CWE-20
High
Generic Email Address Disclosure
-
CWE-200
Information
Genericons DOM-based XSS vulnerability
-
CWE-80
High
GeoServer CVE-2023-35042 Vulnerability (CVE-2023-35042)
CVE-2023-35042
-
Critical
GeoServer CVE-2024-34696 Vulnerability (CVE-2024-34696)
CVE-2024-34696
-
Medium
GeoServer CVE-2024-35230 Vulnerability (CVE-2024-35230)
CVE-2024-35230
-
Medium
GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-34711)
CVE-2024-34711
CWE-200
High
GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-38524)
CVE-2024-38524
CWE-200
High
GeoServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36401)
CVE-2024-36401
CWE-94
Critical
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-41877)
CVE-2023-41877
CWE-22
High
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-24749)
CVE-2024-24749
CWE-22
High
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-51445)
CVE-2023-51445
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23640)
CVE-2024-23640
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23642)
CVE-2024-23642
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23643)
CVE-2024-23643
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23818)
CVE-2024-23818
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23819)
CVE-2024-23819
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23821)
CVE-2024-23821
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-21621)
CVE-2025-21621
CWE-707
Medium
GeoServer Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-7227)
CVE-2008-7227
CWE-119
Medium
GeoServer Improper Restriction of XML External Entity Reference Vulnerability (CVE-2025-58360)
CVE-2025-58360
CWE-611
Critical
GeoServer Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-30145)
CVE-2025-30145
CWE-835
High
GeoServer Missing Authorization Vulnerability (CVE-2025-27505)
CVE-2025-27505
CWE-862
Medium
GeoServer Other Vulnerability (CVE-2024-23634)
CVE-2024-23634
-
Medium
GeoServer RCE (CVE-2024-36401)
CVE-2024-36401
CWE-94
Critical
GeoServer Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-29198)
CVE-2024-29198
CWE-918
High
GeoServer Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40625)
CVE-2024-40625
CWE-918
Medium
GeoServer SQLi (CVE-2023-25157)
CVE-2023-25157
CWE-89
High
GeoServer SSRF (CVE-2021-40822)
CVE-2021-40822
CWE-918
High
GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)
CVE-2023-51444
CWE-434
High
GeoServer WMS SSRF (CVE-2023-43795)
CVE-2023-43795
CWE-918
High
Ghost CMS Theme Path Traversal (CVE-2023-32235)
CVE-2023-32235
CWE-22
High
Ghost CMS Theme Preview XSS (CVE-2021-29484)
CVE-2021-29484
CWE-79
High
GhostScript RCE (Remote Code Execution)
CVE-2016-3714
CWE-78
Critical
GibbonEdu Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-26211)
CVE-2025-26211
CWE-352
High
GibbonEdu CVE-2023-45878 Vulnerability (CVE-2023-45878)
CVE-2023-45878
-
Critical
GibbonEdu Deserialization of Untrusted Data Vulnerability (CVE-2024-24725)
CVE-2024-24725
CWE-502
High
GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-34598)
CVE-2023-34598
CWE-22
Critical
GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45880)
CVE-2023-45880
CWE-22
High
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40214)
CVE-2021-40214
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40492)
CVE-2021-40492
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22868)
CVE-2022-22868
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871)
CVE-2022-23871
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34599)
CVE-2023-34599
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45879)
CVE-2023-45879
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45881)
CVE-2023-45881
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34831)
CVE-2024-34831
CWE-707
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51337)
CVE-2024-51337
CWE-707
Low
GibbonEdu Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2024-24724)
CVE-2024-24724
CWE-138
Critical
GibbonEdu Session Fixation Vulnerability (CVE-2022-27305)
CVE-2022-27305
CWE-384
High
GIT Detected exposed
-
CWE-527
High