Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24542 vulnerabilities in 62 categories.

Critical: 1625 High: 13155 Medium: 8807 Low: 884 Information: 71
Vulnerability Name
CVE
CWE
Severity
Apache stronghold-info enabled
-
CWE-200
Low
Apache stronghold-status enabled
-
CWE-200
Low
Apache Struts 2 ClassLoader manipulation and denial of service
CVE-2014-0114
CWE-701
High
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020)
CVE-2014-0050
CWE-701
High
Apache Struts Path traversal (S2-067/CVE-2024-53677, S2-066/CVE-2023-50164)
CVE-2023-50164
CWE-434
Critical
Apache Struts Remote Code Execution (S2-057)
CVE-2018-11776
CWE-917
High
Apache Struts2 remote code execution vulnerability
CVE-2016-0785
CWE-78
Critical
Apache Struts2 Remote Command Execution (S2-048)
CVE-2017-9791
CWE-94
High
Apache Struts2 Remote Command Execution (S2-052)
CVE-2017-9805
CWE-94
High
Apache Struts2 Remote Command Execution (S2-053)
CVE-2017-12611
CWE-94
Critical
Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850)
CVE-2021-27850
CWE-200
High
Apache Tapestry weak secret key
-
CWE-1391
High
Apache Tika XXE via PDF XFA Content (CVE-2025-66516)
CVE-2025-66516
CWE-611
Critical
Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)
CVE-2016-8745
-
High
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)
CVE-2002-0493
-
High
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634)
CVE-2014-9634
-
Medium
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)
CVE-2014-9635
-
Medium
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)
CVE-2024-38286
CWE-770
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-48988)
CVE-2025-48988
CWE-770
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-41284)
CVE-2026-41284
CWE-770
High
Apache Tomcat Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-49125)
CVE-2025-49125
CWE-288
High
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)
CVE-2018-8037
CWE-362
Medium
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980)
CVE-2021-43980
CWE-362
Low
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434)
CVE-2025-52434
CWE-362
High
Apache Tomcat Configuration Vulnerability (CVE-2008-0128)
CVE-2008-0128
-
Medium
Apache Tomcat Configuration Vulnerability (CVE-2010-4312)
CVE-2010-4312
-
Medium
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
CVE-2009-3548
-
High
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4724)
CVE-2007-4724
CWE-352
Medium
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-6357)
CVE-2013-6357
CWE-352
Medium
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351)
CVE-2015-5351
CWE-352
High
Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064)
CVE-2011-5064
-
Medium
Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568)
CVE-2012-5568
-
Medium
Apache Tomcat CVE-2016-6794 Vulnerability (CVE-2016-6794)
CVE-2016-6794
-
Medium
Apache Tomcat CVE-2016-8735 Vulnerability (CVE-2016-8735)
CVE-2016-8735
-
Critical
Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651)
CVE-2017-5651
-
Critical
Apache Tomcat CVE-2018-1304 Vulnerability (CVE-2018-1304)
CVE-2018-1304
-
Medium
Apache Tomcat CVE-2018-1305 Vulnerability (CVE-2018-1305)
CVE-2018-1305
-
Medium
Apache Tomcat CVE-2019-2684 Vulnerability (CVE-2019-2684)
CVE-2019-2684
-
Medium
Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822)
CVE-2020-0822
-
High
Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943)
CVE-2020-13943
-
Medium
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
CVE-2022-29885
-
High
Apache Tomcat CVE-2023-34981 Vulnerability (CVE-2023-34981)
CVE-2023-34981
-
High
Apache Tomcat CVE-2023-44487 Vulnerability (CVE-2023-44487)
CVE-2023-44487
-
High
Apache Tomcat CVE-2024-24549 Vulnerability (CVE-2024-24549)
CVE-2024-24549
-
High
Apache Tomcat CVE-2026-24733 Vulnerability (CVE-2026-24733)
CVE-2026-24733
-
Low
Apache Tomcat CVE-2026-24734 Vulnerability (CVE-2026-24734)
CVE-2026-24734
-
High
Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227)
CVE-2014-0227
-
Medium
Apache Tomcat DEPRECATED: Authentication Bypass Issues Vulnerability (CVE-2026-43512)
CVE-2026-43512
CWE-592
Critical
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484)
CVE-2020-9484
CWE-502
High
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329)
CVE-2021-25329
CWE-502
High
Apache Tomcat examples directory vulnerabilities
-
-
Medium
Apache Tomcat Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-5648)
CVE-2017-5648
CWE-668
Critical
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164)
CVE-2005-3164
CWE-200
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4836)
CVE-2005-4836
CWE-200
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-3382)
CVE-2007-3382
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-3385)
CVE-2007-3385
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5333)
CVE-2007-5333
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4308)
CVE-2008-4308
CWE-200
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-5519)
CVE-2008-5519
CWE-200
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0580)
CVE-2009-0580
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0783)
CVE-2009-0783
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1157)
CVE-2010-1157
CWE-200
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2204)
CVE-2011-2204
CWE-200
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3375)
CVE-2011-3375
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2071)
CVE-2013-2071
CWE-200
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4590)
CVE-2013-4590
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0706)
CVE-2016-0706
CWE-200
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747)
CVE-2016-8747
CWE-200
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12616)
CVE-2017-12616
CWE-200
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5647)
CVE-2017-5647
CWE-200
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-17527)
CVE-2020-17527
CWE-200
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122)
CVE-2021-25122
CWE-200
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-42498)
CVE-2026-42498
CWE-200
High
Apache Tomcat Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-21733)
CVE-2024-21733
CWE-209
Medium
Apache Tomcat Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2026-29146)
CVE-2026-29146
CWE-209
High