Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-1854)
CVE-2013-1854
CWE-20
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-1856)
CVE-2013-1856
CWE-20
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-3221)
CVE-2013-3221
CWE-20
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-6414)
CVE-2013-6414
CWE-20
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2014-0082)
CVE-2014-0082
CWE-20
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-0753)
CVE-2016-0753
CWE-20
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-2098)
CVE-2016-2098
CWE-20
High
Ruby on Rails Improper Input Validation Vulnerability (CVE-2019-5420)
CVE-2019-5420
CWE-20
Critical
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-0130)
CVE-2014-0130
CWE-22
Medium
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7818)
CVE-2014-7818
CWE-22
Medium
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7829)
CVE-2014-7829
CWE-22
Medium
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-0752)
CVE-2016-0752
CWE-22
High
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-2097)
CVE-2016-2097
CWE-22
Medium
Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-33195)
CVE-2026-33195
CWE-22
Critical
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-3227)
CVE-2007-3227
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3009)
CVE-2009-3009
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4214)
CVE-2009-4214
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0446)
CVE-2011-0446
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1497)
CVE-2011-1497
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2197)
CVE-2011-2197
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2931)
CVE-2011-2931
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2932)
CVE-2011-2932
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4319)
CVE-2011-4319
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1098)
CVE-2012-1098
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1099)
CVE-2012-1099
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3463)
CVE-2012-3463
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3464)
CVE-2012-3464
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3465)
CVE-2012-3465
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1855)
CVE-2013-1855
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1857)
CVE-2013-1857
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4491)
CVE-2013-4491
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6415)
CVE-2013-6415
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6416)
CVE-2013-6416
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0081)
CVE-2014-0081
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3226)
CVE-2015-3226
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6316)
CVE-2016-6316
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8264)
CVE-2020-8264
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)
CVE-2024-26143
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-32464)
CVE-2024-32464
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-33170)
CVE-2026-33170
CWE-707
Medium
Ruby on Rails Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2026-33202)
CVE-2026-33202
CWE-138
Critical
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4094)
CVE-2008-4094
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-0448)
CVE-2011-0448
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2930)
CVE-2011-2930
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)
CVE-2012-2661
CWE-138
Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2695)
CVE-2012-2695
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6496)
CVE-2012-6496
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-0080)
CVE-2014-0080
CWE-138
Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3482)
CVE-2014-3482
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3483)
CVE-2014-3483
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17916)
CVE-2017-17916
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17917)
CVE-2017-17917
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17919)
CVE-2017-17919
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920)
CVE-2017-17920
CWE-138
High
Ruby on Rails Improper Verification of Intent by Broadcast Receiver Vulnerability (CVE-2026-33173)
CVE-2026-33173
CWE-925
Medium
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
CVE-2023-22792
CWE-1333
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)
CVE-2024-26142
CWE-1333
High
Ruby on Rails Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-33174)
CVE-2026-33174
CWE-789
High
Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)
CVE-2010-3299
CWE-311
Medium
Ruby on Rails Other Vulnerability (CVE-2013-0333)
CVE-2013-0333
-
High
Ruby on Rails Other Vulnerability (CVE-2021-22904)
CVE-2021-22904
-
High
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)
CVE-2011-0449
CWE-264
High
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)
CVE-2012-2660
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)
CVE-2012-2694
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0155)
CVE-2013-0155
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)
CVE-2013-0276
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
CVE-2013-6417
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)
CVE-2014-3514
CWE-264
High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)
CVE-2015-7581
-
High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)
CVE-2016-0751
-
High
Ruby on Rails SQL injection
CVE-2012-2695
CWE-89
High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)
CVE-2020-8185
CWE-400
Medium
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)
CVE-2021-22880
CWE-400
High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33169)
CVE-2026-33169
CWE-400
Medium