Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13423)
CVE-2018-13423
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26799)
CVE-2021-26799
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3980)
CVE-2023-3980
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3982)
CVE-2023-3982
CWE-707
Medium
Omeka Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-3981)
CVE-2023-3981
CWE-918
Medium
Open Redirection
-
CWE-601
Medium
Open Resty Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9230)
CVE-2018-9230
CWE-138
Critical
Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724)
CVE-2020-11724
CWE-444
High
Open Resty Inefficient Algorithmic Complexity Vulnerability (CVE-2024-39702)
CVE-2024-39702
CWE-407
Medium
Open Resty Off-by-one Error Vulnerability (CVE-2021-23017)
CVE-2021-23017
CWE-193
High
Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
CVE-2023-44487
CWE-400
High
Open Silverlight Client Access Policy
-
CWE-942
Medium
Opencart Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-15116)
CVE-2025-15116
CWE-362
Medium
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1610)
CVE-2010-1610
CWE-352
Medium
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067)
CVE-2018-13067
CWE-352
High
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28838)
CVE-2020-28838
CWE-352
Low
Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519)
CVE-2024-21519
-
High
Opencart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3763)
CVE-2011-3763
CWE-200
Medium
Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444)
CVE-2023-47444
CWE-94
High
Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36694)
CVE-2024-36694
CWE-94
High
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-1621)
CVE-2009-1621
CWE-22
Medium
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1891)
CVE-2013-1891
CWE-22
Medium
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11494)
CVE-2018-11494
CWE-22
High
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11495)
CVE-2018-11495
CWE-22
Medium
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2315)
CVE-2023-2315
CWE-22
High
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518)
CVE-2024-21518
CWE-22
High
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4671)
CVE-2015-4671
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-15081)
CVE-2019-15081
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10596)
CVE-2020-10596
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13980)
CVE-2020-13980
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29470)
CVE-2020-29470
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29471)
CVE-2020-29471
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21515)
CVE-2024-21515
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21516)
CVE-2024-21516
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21517)
CVE-2024-21517
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1746)
CVE-2025-1746
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1747)
CVE-2025-1747
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1748)
CVE-2025-1748
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1749)
CVE-2025-1749
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45892)
CVE-2025-45892
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45893)
CVE-2025-45893
CWE-707
Medium
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1027)
CVE-2009-1027
CWE-138
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-0956)
CVE-2010-0956
CWE-138
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-20491)
CVE-2020-20491
CWE-138
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-37823)
CVE-2021-37823
CWE-138
Medium
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-21514)
CVE-2024-21514
CWE-138
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-58341)
CVE-2024-58341
CWE-138
High
Opencart Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-40834)
CVE-2023-40834
CWE-307
Critical
Opencart Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3990)
CVE-2014-3990
CWE-611
Critical
Opencart Incomplete Filtering of Special Elements Vulnerability (CVE-2026-3714)
CVE-2026-3714
CWE-791
Medium
OpenCms Chemistry Solr XML External Entity (XXE) vulnerability (CVE-2023-42346)
CVE-2023-42346
CWE-611
High
OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344)
CVE-2023-42344
CWE-611
High
OpenCms Solr XML External Entity (XXE) vulnerability
-
CWE-611
High
Openfire Admin Console Full Read SSRF
CVE-2019-18394
CWE-918
High
Openfire Path Traversal (CVE-2023-32315)
CVE-2023-32315
CWE-22
High
OpenMetadata Authentication Bypass (CVE-2024-28255)
CVE-2024-28255
CWE-287
Critical
OpenSSL 7PK - Security Features Vulnerability (CVE-2015-1793)
CVE-2015-1793
-
Medium
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)
CVE-2023-0286
CWE-843
High
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2024-6119)
CVE-2024-6119
CWE-843
High
OpenSSL Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-2650)
CVE-2023-2650
CWE-770
Medium
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3711)
CVE-2021-3711
CWE-120
Critical
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786)
CVE-2022-3786
CWE-120
High
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-3864)
CVE-2010-3864
CWE-362
High
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-5298)
CVE-2010-5298
CWE-362
Medium
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-3509)
CVE-2014-3509
CWE-362
Medium
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-1791)
CVE-2015-1791
CWE-362
Medium
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-3196)
CVE-2015-3196
CWE-362
Medium
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-3216)
CVE-2015-3216
CWE-362
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2000-1254)
CVE-2000-1254
-
High
OpenSSL Cryptographic Issues Vulnerability (CVE-2006-4339)
CVE-2006-4339
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2008-7270)
CVE-2008-7270
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2009-2409)
CVE-2009-2409
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2009-3555)
CVE-2009-3555
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2010-0742)
CVE-2010-0742
-
High
OpenSSL Cryptographic Issues Vulnerability (CVE-2010-0928)
CVE-2010-0928
-
Medium