Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24254 vulnerabilities in 62 categories.

Critical: 1581 High: 13032 Medium: 8704 Low: 868 Information: 69
Vulnerability Name
CVE
CWE
Severity
GlassFish Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000028)
CVE-2017-1000028
CWE-22
High
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2751)
CVE-2008-2751
CWE-707
Medium
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5266)
CVE-2008-5266
CWE-707
Medium
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1553)
CVE-2009-1553
CWE-707
Medium
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3314)
CVE-2021-3314
CWE-707
Medium
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-7182)
CVE-2015-7182
CWE-119
Critical
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950)
CVE-2016-1950
CWE-119
High
GlassFish Observable Discrepancy Vulnerability (CVE-2013-1620)
CVE-2013-1620
CWE-203
Medium
GlassFish Use of Hard-coded Credentials Vulnerability (CVE-2018-14324)
CVE-2018-14324
CWE-798
Critical
Global.asa backup file found
-
CWE-538
Medium
GlobalProtect PAN-OS RCE (CVE-2024-3400)
CVE-2024-3400
CWE-77
Critical
Go web application binary disclosure
-
CWE-540
Medium
GoAhead web server remote code execution
CVE-2017-17562
CWE-94
High
GoAnywhere MFT Authentication Bypass (CVE-2024-0204)
CVE-2024-0204
CWE-425
Critical
GoCD information disclosure (CVE-2021-43287)
CVE-2021-43287
CWE-200
High
Golang runtime profiling data
-
CWE-200
Medium
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2022-35957)
CVE-2022-35957
CWE-290
Medium
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2023-3128)
CVE-2023-3128
CWE-290
Critical
Grafana Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-10452)
CVE-2024-10452
CWE-639
Low
Grafana avatar SSRF
CVE-2020-13379
CWE-78
High
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458)
CVE-2020-12458
CWE-312
Medium
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)
CVE-2022-26148
CWE-312
Critical
Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328)
CVE-2022-39328
CWE-362
High
Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)
CVE-2022-21703
CWE-352
High
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
CVE-2021-27358
-
High
Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201)
CVE-2022-39201
-
High
Grafana CVE-2022-39307 Vulnerability (CVE-2022-39307)
CVE-2022-39307
-
Medium
Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387)
CVE-2023-1387
-
High
Grafana CVE-2023-4399 Vulnerability (CVE-2023-4399)
CVE-2023-4399
-
High
Grafana CVE-2023-4822 Vulnerability (CVE-2023-4822)
CVE-2023-4822
-
High
Grafana CVE-2024-1442 Vulnerability (CVE-2024-1442)
CVE-2024-1442
-
High
Grafana CVE-2026-27877 Vulnerability (CVE-2026-27877)
CVE-2026-27877
-
High
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039)
CVE-2018-19039
CWE-200
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499)
CVE-2019-19499
CWE-200
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-12459)
CVE-2020-12459
CWE-200
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21673)
CVE-2022-21673
CWE-200
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)
CVE-2022-23498
CWE-200
High
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-21722)
CVE-2026-21722
CWE-200
Medium
Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2021-41244)
CVE-2021-41244
CWE-610
Critical
Grafana Improper Authentication Vulnerability (CVE-2018-15727)
CVE-2018-15727
CWE-287
Critical
Grafana Improper Authentication Vulnerability (CVE-2021-28148)
CVE-2021-28148
CWE-287
High
Grafana Improper Authentication Vulnerability (CVE-2021-39226)
CVE-2021-39226
CWE-287
High
Grafana Improper Authentication Vulnerability (CVE-2022-32276)
CVE-2022-32276
CWE-287
High
Grafana Improper Authentication Vulnerability (CVE-2022-39229)
CVE-2022-39229
CWE-287
Medium
Grafana Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-27876)
CVE-2026-27876
CWE-94
Critical
Grafana Improper Input Validation Vulnerability (CVE-2022-39306)
CVE-2022-39306
CWE-20
High
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798)
CVE-2021-43798
CWE-22
High
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813)
CVE-2021-43813
CWE-22
Medium
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43815)
CVE-2021-43815
CWE-22
Medium
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-32275)
CVE-2022-32275
CWE-22
High
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000816)
CVE-2018-1000816
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12099)
CVE-2018-12099
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18623)
CVE-2018-18623
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18624)
CVE-2018-18624
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18625)
CVE-2018-18625
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13068)
CVE-2019-13068
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11110)
CVE-2020-11110
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12052)
CVE-2020-12052
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12245)
CVE-2020-12245
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430)
CVE-2020-13430
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24303)
CVE-2020-24303
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41174)
CVE-2021-41174
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-21702)
CVE-2022-21702
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23552)
CVE-2022-23552
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31097)
CVE-2022-31097
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39324)
CVE-2022-39324
CWE-707
Low
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0507)
CVE-2023-0507
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0594)
CVE-2023-0594
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1410)
CVE-2023-1410
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-22462)
CVE-2023-22462
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-41117)
CVE-2025-41117
CWE-707
Medium
Grafana Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9264)
CVE-2024-9264
CWE-138
High
Grafana Improper Preservation of Permissions Vulnerability (CVE-2022-36062)
CVE-2022-36062
CWE-281
Low
Grafana Improper Synchronization Vulnerability (CVE-2023-2801)
CVE-2023-2801
CWE-662
Medium
Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123)
CVE-2022-31123
CWE-347
High