Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24637 vulnerabilities in 62 categories.

Critical: 1632 High: 13196 Medium: 8851 Low: 887 Information: 71
Vulnerability Name
CVE
CWE
Severity
IBMHttpServer Other Vulnerability (CVE-2000-0505)
CVE-2000-0505
-
Medium
IBMHttpServer Other Vulnerability (CVE-2000-1168)
CVE-2000-1168
-
High
IBMHttpServer Other Vulnerability (CVE-2001-0122)
CVE-2001-0122
-
Medium
IBMHttpServer Other Vulnerability (CVE-2002-1822)
CVE-2002-1822
-
Medium
IBMHttpServer Other Vulnerability (CVE-2004-0263)
CVE-2004-0263
-
Medium
IBMHttpServer Other Vulnerability (CVE-2004-0492)
CVE-2004-0492
-
Critical
IBMHttpServer Other Vulnerability (CVE-2004-0493)
CVE-2004-0493
-
Medium
IBMHttpServer Other Vulnerability (CVE-2004-1082)
CVE-2004-1082
-
High
IBMHttpServer Other Vulnerability (CVE-2006-3918)
CVE-2006-3918
-
Medium
IBMHttpServer Reachable Assertion Vulnerability (CVE-2026-8852)
CVE-2026-8852
CWE-617
High
IBMHttpServer Uncontrolled Resource Consumption Vulnerability (CVE-2026-8856)
CVE-2026-8856
CWE-400
Critical
IBMHttpServer Untrusted Pointer Dereference Vulnerability (CVE-2026-8835)
CVE-2026-8835
CWE-822
High
IIS extended unicode directory traversal vulnerability
CVE-2000-0884
CWE-22
High
IIS Path disclosure
-
CWE-200
Low
ImageMagick remote code execution
CVE-2016-3714
CWE-78
High
imgproxy SSRF (CVE-2023-30019)
CVE-2023-30019
CWE-918
Medium
Improper Authorization in Confluence Server and Data Center (CVE-2023-22518)
CVE-2023-22518
CWE-284
Critical
Incorrect Content Security Policy (CSP) Implementation
-
CWE-942
Information
InfluxDB Unauthorized Access Vulnerability
-
CWE-200
Medium
Ingress-Nginx "IngressNightmare" RCE (CVE-2025-1974)
CVE-2025-1974
CWE-653
Critical
Insecure crossdomain.xml policy
-
CWE-942
Medium
Insecure Frame (External)
-
CWE-829
Low
Insecure HTTP Usage
-
CWE-1428
Medium
Insecure Protocol Detected in Content Security Policy (CSP)
-
CWE-942
Information
Insecure Referrer Policy
-
CWE-200
Information
Insecure transition from HTTP to HTTPS in form post
-
CWE-200
Medium
Insecure transition from HTTPS to HTTP in form post
-
CWE-200
Low
Insecure Transportation Security Protocol Supported (SSLv2)
-
CWE-326
High
Insecure Transportation Security Protocol Supported (SSLv3)
-
CWE-326
High
Insecure Transportation Security Protocol Supported (TLS 1.0)
-
CWE-326
High
Insecure Transportation Security Protocol Supported (TLS 1.1)
-
CWE-326
Low
Insecure usage of Version 1 UUID/GUID
-
CWE-328
Medium
Internet Information Server returns IP address in HTTP header (Content-Location)
-
CWE-200
Low
Internet Information Services Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2009-3023)
CVE-2009-3023
CWE-120
Critical
Internet Information Services Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-1999-0861)
CVE-1999-0861
CWE-362
Low
Internet Information Services Configuration Vulnerability (CVE-1999-0725)
CVE-1999-0725
-
High
Internet Information Services Configuration Vulnerability (CVE-2003-1566)
CVE-2003-1566
-
Medium
Internet Information Services CVE-2001-0146 Vulnerability (CVE-2001-0146)
CVE-2001-0146
-
Medium
Internet Information Services CVE-2002-1790 Vulnerability (CVE-2002-1790)
CVE-2002-1790
-
Medium
Internet Information Services CVE-2006-6578 Vulnerability (CVE-2006-6578)
CVE-2006-6578
-
High
Internet Information Services CVE-2008-0074 Vulnerability (CVE-2008-0074)
CVE-2008-0074
-
High
Internet Information Services CVE-2009-4444 Vulnerability (CVE-2009-4444)
CVE-2009-4444
-
Medium
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-1999-0348)
CVE-1999-0348
CWE-200
Medium
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2000-0649)
CVE-2000-0649
CWE-200
Low
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-0419)
CVE-2002-0419
CWE-200
Medium
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-0422)
CVE-2002-0422
CWE-200
Low
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-1717)
CVE-2002-1717
CWE-200
Medium
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-1718)
CVE-2002-1718
CWE-200
Medium
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2003-1567)
CVE-2003-1567
CWE-200
Medium
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1122)
CVE-2009-1122
CWE-287
High
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1535)
CVE-2009-1535
CWE-287
High
Internet Information Services Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-0075)
CVE-2008-0075
CWE-94
Critical
Internet Information Services Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1256)
CVE-2010-1256
CWE-94
High
Internet Information Services Improper Input Validation Vulnerability (CVE-1999-0867)
CVE-1999-0867
CWE-20
Medium
Internet Information Services Improper Input Validation Vulnerability (CVE-2000-0258)
CVE-2000-0258
CWE-20
High
Internet Information Services Improper Input Validation Vulnerability (CVE-2009-4445)
CVE-2009-4445
CWE-20
Medium
Internet Information Services Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2002-1700)
CVE-2002-1700
CWE-707
Medium
Internet Information Services Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1582)
CVE-2003-1582
CWE-707
Low
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0349)
CVE-1999-0349
CWE-119
High
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0874)
CVE-1999-0874
CWE-119
Critical
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-1899)
CVE-2010-1899
CWE-119
Medium
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2730)
CVE-2010-2730
CWE-119
Critical
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-3972)
CVE-2010-3972
CWE-119
Critical
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7269)
CVE-2017-7269
CWE-119
Critical
Internet Information Services Integer Overflow or Wraparound Vulnerability (CVE-2008-1446)
CVE-2008-1446
CWE-190
Critical
Internet Information Services Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975)
CVE-2026-49975
CWE-789
High
Internet Information Services Other Vulnerability (CVE-1999-0012)
CVE-1999-0012
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0154)
CVE-1999-0154
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0191)
CVE-1999-0191
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0233)
CVE-1999-0233
-
Critical
Internet Information Services Other Vulnerability (CVE-1999-0253)
CVE-1999-0253
-
High
Internet Information Services Other Vulnerability (CVE-1999-0278)
CVE-1999-0278
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0281)
CVE-1999-0281
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0407)
CVE-1999-0407
-
Critical
Internet Information Services Other Vulnerability (CVE-1999-0412)
CVE-1999-0412
-
High