Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
PHP unserialize() used on user input
-
CWE-20
Medium
PHP Use After Free Vulnerability (CVE-2014-3622)
CVE-2014-3622
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2015-1351)
CVE-2015-1351
CWE-416
High
PHP Use After Free Vulnerability (CVE-2015-6831)
CVE-2015-6831
CWE-416
High
PHP Use After Free Vulnerability (CVE-2016-4473)
CVE-2016-4473
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-5771)
CVE-2016-5771
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-5773)
CVE-2016-5773
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-6290)
CVE-2016-6290
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-6295)
CVE-2016-6295
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-7413)
CVE-2016-7413
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-7479)
CVE-2016-7479
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-9137)
CVE-2016-9137
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-9138)
CVE-2016-9138
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-9936)
CVE-2016-9936
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2017-12932)
CVE-2017-12932
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2017-12934)
CVE-2017-12934
CWE-416
High
PHP Use After Free Vulnerability (CVE-2018-12882)
CVE-2018-12882
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2019-13224)
CVE-2019-13224
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2019-9020)
CVE-2019-9020
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2020-7068)
CVE-2020-7068
CWE-416
Low
PHP Use After Free Vulnerability (CVE-2021-21708)
CVE-2021-21708
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2024-11235)
CVE-2024-11235
CWE-416
High
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2006-0200)
CVE-2006-0200
CWE-134
Critical
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-0754)
CVE-2009-0754
CWE-134
Low
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-3294)
CVE-2009-3294
CWE-134
Medium
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2094)
CVE-2010-2094
CWE-134
Medium
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950)
CVE-2010-2950
CWE-134
Medium
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2011-1153)
CVE-2011-1153
CWE-134
High
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2015-8617)
CVE-2015-8617
CWE-134
Critical
PHP Use of Insufficiently Random Values Vulnerability (CVE-2023-3247)
CVE-2023-3247
CWE-330
Medium
PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567)
CVE-2023-0567
CWE-916
Medium
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
CVE-2015-3414
CWE-908
High
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-8390)
CVE-2015-8390
CWE-908
Critical
PHP Use of Uninitialized Resource Vulnerability (CVE-2019-11038)
CVE-2019-11038
CWE-908
Medium
PHP X Prober publicly accessible
-
CWE-200
Medium
PHP-CGI remote code execution
CVE-2012-2311
CWE-20
High
PHP-CS-Fixer cache file publicly accessible (.php_cs.cache)
-
CWE-200
Medium
PHP-FPM Status Page
-
CWE-200
Medium
PHP-Fusion Authentication Bypass by Capture-replay Vulnerability (CVE-2020-23178)
CVE-2020-23178
CWE-294
Medium
PHP-Fusion CVE-2020-35952 Vulnerability (CVE-2020-35952)
CVE-2020-35952
-
Medium
PHP-Fusion Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1806)
CVE-2013-1806
CWE-22
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6850)
CVE-2008-6850
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6043)
CVE-2012-6043
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1804)
CVE-2013-1804
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8375)
CVE-2015-8375
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12438)
CVE-2020-12438
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12706)
CVE-2020-12706
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12708)
CVE-2020-12708
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12718)
CVE-2020-12718
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15041)
CVE-2020-15041
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17449)
CVE-2020-17449
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17450)
CVE-2020-17450
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23179)
CVE-2020-23179
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23181)
CVE-2020-23181
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23184)
CVE-2020-23184
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23185)
CVE-2020-23185
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23658)
CVE-2020-23658
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23702)
CVE-2020-23702
CWE-707
Medium
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1918)
CVE-2008-1918
CWE-138
Medium
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5335)
CVE-2008-5335
CWE-138
Medium
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5946)
CVE-2008-5946
CWE-138
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1803)
CVE-2013-1803
CWE-138
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-7375)
CVE-2013-7375
CWE-138
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-12461)
CVE-2020-12461
CWE-138
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14960)
CVE-2020-14960
CWE-138
High
PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949)
CVE-2020-24949
CWE-269
High
PHP-Fusion Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-3172)
CVE-2021-3172
CWE-732
High
PHP-Fusion Other Vulnerability (CVE-2007-3559)
CVE-2007-3559
-
Low
PHP-Fusion Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1807)
CVE-2013-1807
CWE-264
Medium
PHP-Fusion URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-23182)
CVE-2020-23182
CWE-601
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0471)
CVE-2008-0471
CWE-352
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1432)
CVE-2015-1432
CWE-352
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13376)
CVE-2019-13376
CWE-352
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16107)
CVE-2019-16107
CWE-352
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16993)
CVE-2019-16993
CWE-352
High