Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9068)
CVE-2017-9068
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9070)
CVE-2017-9070
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9071)
CVE-2017-9071
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10382)
CVE-2018-10382
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20755)
CVE-2018-20755
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20756)
CVE-2018-20756
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20757)
CVE-2018-20757
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20758)
CVE-2018-20758
CWE-707
Medium
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2311)
CVE-2014-2311
CWE-138
High
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2736)
CVE-2014-2736
CWE-138
High
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000067)
CVE-2017-1000067
CWE-138
High
MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911)
CVE-2020-25911
CWE-611
Critical
MODX Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1000207)
CVE-2018-1000207
CWE-732
High
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9069)
CVE-2017-9069
CWE-434
High
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1010123)
CVE-2019-1010123
CWE-434
High
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26149)
CVE-2022-26149
CWE-434
High
MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities
CVE-2012-6081
CWE-434
High
Mojolicious weak secret key
-
CWE-693
Medium
Moment.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-24785)
CVE-2022-24785
CWE-22
High
Moment.js Other Vulnerability (CVE-2022-31129)
CVE-2022-31129
-
High
Moment.js Uncontrolled Resource Consumption Vulnerability (CVE-2016-4055)
CVE-2016-4055
CWE-400
Medium
Moment.js Uncontrolled Resource Consumption Vulnerability (CVE-2017-18214)
CVE-2017-18214
CWE-400
High
MongoDB $where operator JavaScript injection
-
CWE-943
High
MongoDb Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2025-7259)
CVE-2025-7259
CWE-843
Medium
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)
CVE-2021-32036
CWE-770
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1847)
CVE-2026-1847
CWE-770
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1848)
CVE-2026-1848
CWE-770
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1850)
CVE-2026-1850
CWE-770
High
MongoDb CVE-2017-15535 Vulnerability (CVE-2017-15535)
CVE-2017-15535
-
Critical
MongoDb CVE-2019-2390 Vulnerability (CVE-2019-2390)
CVE-2019-2390
-
High
MongoDb CVE-2024-6384 Vulnerability (CVE-2024-6384)
CVE-2024-6384
-
Medium
MongoDb CVE-2024-7553 Vulnerability (CVE-2024-7553)
CVE-2024-7553
-
High
MongoDb CVE-2025-10061 Vulnerability (CVE-2025-10061)
CVE-2025-10061
-
Medium
MongoDb CVE-2025-3082 Vulnerability (CVE-2025-3082)
CVE-2025-3082
-
Medium
MongoDb CVE-2025-6709 Vulnerability (CVE-2025-6709)
CVE-2025-6709
-
High
MongoDb Double Free Vulnerability (CVE-2026-4358)
CVE-2026-4358
CWE-415
High
MongoDb Excessive Iteration Vulnerability (CVE-2018-20805)
CVE-2018-20805
CWE-834
Medium
MongoDb Excessive Iteration Vulnerability (CVE-2025-6714)
CVE-2025-6714
CWE-834
High
MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6494)
CVE-2016-6494
CWE-200
Medium
MongoDb Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2024-8207)
CVE-2024-8207
CWE-610
Medium
MongoDb Heap-based Buffer Overflow Vulnerability (CVE-2025-0755)
CVE-2025-0755
CWE-122
High
MongoDB HTTP status interface
-
CWE-200
Medium
MongoDb Improper Authentication Vulnerability (CVE-2014-8180)
CVE-2014-8180
CWE-287
Medium
MongoDb Improper Authentication Vulnerability (CVE-2015-7882)
CVE-2015-7882
CWE-287
High
MongoDb Improper Authorization Vulnerability (CVE-2025-6713)
CVE-2025-6713
CWE-285
Medium
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)
CVE-2023-1409
CWE-295
High
MongoDb Improper Certificate Validation Vulnerability (CVE-2024-1351)
CVE-2024-1351
CWE-295
Critical
MongoDb Improper Certificate Validation Vulnerability (CVE-2025-12893)
CVE-2025-12893
CWE-295
Medium
MongoDb Improper Check for Certificate Revocation Vulnerability (CVE-2025-3085)
CVE-2025-3085
CWE-299
Critical
MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-20924)
CVE-2019-20924
CWE-754
Medium
MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2025-12657)
CVE-2025-12657
CWE-754
Medium
MongoDb Improper Check or Handling of Exceptional Conditions Vulnerability (CVE-2025-3084)
CVE-2025-3084
CWE-703
Medium
MongoDb Improper Encoding or Escaping of Output Vulnerability (CVE-2021-20333)
CVE-2021-20333
CWE-116
Medium
MongoDb Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-7923)
CVE-2020-7923
CWE-755
Medium
MongoDb Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-7926)
CVE-2020-7926
CWE-755
Medium
MongoDb Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2025-14847)
CVE-2025-14847
CWE-130
High
MongoDb Improper Input Validation Vulnerability (CVE-2012-6619)
CVE-2012-6619
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2013-1892)
CVE-2013-1892
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2014-3971)
CVE-2014-3971
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2015-1609)
CVE-2015-1609
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2018-20804)
CVE-2018-20804
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2018-25004)
CVE-2018-25004
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2019-2389)
CVE-2019-2389
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2020-7925)
CVE-2020-7925
CWE-20
High
MongoDb Improper Input Validation Vulnerability (CVE-2021-20330)
CVE-2021-20330
CWE-20
Medium
MongoDb Improper Input Validation Vulnerability (CVE-2024-3372)
CVE-2024-3372
CWE-20
High
MongoDb Improper Locking Vulnerability (CVE-2025-14345)
CVE-2025-14345
CWE-667
Medium
MongoDb Improper Neutralization of Null Byte or NUL Character Vulnerability (CVE-2024-10921)
CVE-2024-10921
CWE-158
High
MongoDb Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-13507)
CVE-2025-13507
CWE-1284
Medium
MongoDb Incorrect Authorization Vulnerability (CVE-2020-7921)
CVE-2020-7921
CWE-863
Medium
MongoDb Incorrect Authorization Vulnerability (CVE-2025-6707)
CVE-2025-6707
CWE-863
Medium
MongoDb Incorrect Comparison Vulnerability (CVE-2019-20925)
CVE-2019-20925
CWE-697
High
MongoDb Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-20326)
CVE-2021-20326
CWE-732
Medium
MongoDb Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-10059)
CVE-2025-10059
CWE-732
Medium
MongoDb Incorrect Type Conversion or Cast Vulnerability (CVE-2026-25613)
CVE-2026-25613
CWE-704
Medium