🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)
CVE-2014-1860
CWE-502
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-3268)
CVE-2011-3268
CWE-119
Critical
Oracle JRE CVE-2014-0429 Vulnerability (CVE-2014-0429)
CVE-2014-0429
-
Critical
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0260)
CVE-2014-0260
CWE-119
Critical
Oracle JRE CVE-2013-5829 Vulnerability (CVE-2013-5829)
CVE-2013-5829
-
Critical
Oracle JRE CVE-2013-5844 Vulnerability (CVE-2013-5844)
CVE-2013-5844
-
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42122)
CVE-2022-42122
CWE-138
Critical
PHP Improper Encoding or Escaping of Output Vulnerability (CVE-2024-1874)
CVE-2024-1874
CWE-116
Critical
MongoDb Improper Certificate Validation Vulnerability (CVE-2024-1351)
CVE-2024-1351
CWE-295
Critical
WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-1071)
CVE-2024-1071
CWE-138
Critical
Oracle JRE CVE-2013-5850 Vulnerability (CVE-2013-5850)
CVE-2013-5850
-
Critical
Oracle JRE CVE-2013-5846 Vulnerability (CVE-2013-5846)
CVE-2013-5846
-
Critical
Oracle JRE CVE-2013-5843 Vulnerability (CVE-2013-5843)
CVE-2013-5843
-
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120)
CVE-2022-42120
CWE-138
Critical
Oracle JRE CVE-2013-5842 Vulnerability (CVE-2013-5842)
CVE-2013-5842
-
Critical
Oracle JRE CVE-2013-5838 Vulnerability (CVE-2013-5838)
CVE-2013-5838
-
Critical
ProjectSend Incorrect Authorization Vulnerability (CVE-2024-11680)
CVE-2024-11680
CWE-863
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2024-11236)
CVE-2024-11236
CWE-190
Critical
Oracle JRE CVE-2013-5832 Vulnerability (CVE-2013-5832)
CVE-2013-5832
-
Critical
Oracle JRE CVE-2013-5830 Vulnerability (CVE-2013-5830)
CVE-2013-5830
-
Critical
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120)
CVE-2022-42120
CWE-138
Critical
PrestaShop Improper Privilege Management Vulnerability (CVE-2013-6295)
CVE-2013-6295
CWE-269
Critical
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0251)
CVE-2014-0251
CWE-94
Critical
Skipper Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-38580)
CVE-2022-38580
CWE-918
Critical
WebLogic CVE-2024-21216 Vulnerability (CVE-2024-21216)
CVE-2024-21216
-
Critical
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
CVE-2022-37159
CWE-434
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4030)
CVE-2011-4030
CWE-264
Critical
WebLogic CVE-2024-21181 Vulnerability (CVE-2024-21181)
CVE-2024-21181
-
Critical
OpenSSL Resource Management Errors Vulnerability (CVE-2011-4109)
CVE-2011-4109
-
Critical
HSQLDB CVE-2022-41853 Vulnerability (CVE-2022-41853)
CVE-2022-41853
-
Critical
Ruby Inadequate Encryption Strength Vulnerability (CVE-2011-4121)
CVE-2011-4121
CWE-326
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2022-3754)
CVE-2022-3754
CWE-521
Critical
Moodle CVE-2022-40314 Vulnerability (CVE-2022-40314)
CVE-2022-40314
-
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-40315)
CVE-2022-40315
CWE-138
Critical
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871)
CVE-2022-40871
CWE-276
Critical
WeBid Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-41477)
CVE-2022-41477
CWE-918
Critical
Oracle JRE CVE-2013-2440 Vulnerability (CVE-2013-2440)
CVE-2013-2440
-
Critical
Oracle JRE CVE-2013-2436 Vulnerability (CVE-2013-2436)
CVE-2013-2436
-
Critical
Oracle JRE CVE-2014-2397 Vulnerability (CVE-2014-2397)
CVE-2014-2397
-
Critical
WordPress CVE-2012-2400 Vulnerability (CVE-2012-2400)
CVE-2012-2400
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2023-3824)
CVE-2023-3824
CWE-119
Critical
MySQL CVE-2012-3163 Vulnerability (CVE-2012-3163)
CVE-2012-3163
-
Critical
IBMHttpServer CVE-2012-5955 Vulnerability (CVE-2012-5955)
CVE-2012-5955
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31126)
CVE-2023-31126
CWE-707
Critical
Django Improper Input Validation Vulnerability (CVE-2023-31047)
CVE-2023-31047
CWE-20
Critical
Oracle JRE CVE-2012-3143 Vulnerability (CVE-2012-3143)
CVE-2012-3143
-
Critical
Oracle JRE CVE-2012-3136 Vulnerability (CVE-2012-3136)
CVE-2012-3136
-
Critical
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-30838)
CVE-2023-30838
CWE-707
Critical
Opencart Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-40834)
CVE-2023-40834
CWE-307
Critical
Atlassian Jira CVE-2012-2926 Vulnerability (CVE-2012-2926)
CVE-2012-2926
-
Critical
phpMyFAQ Improper Access Control Vulnerability (CVE-2023-2429)
CVE-2023-2429
CWE-284
Critical
MySQL CVE-2012-2750 Vulnerability (CVE-2012-2750)
CVE-2012-2750
-
Critical
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41892)
CVE-2023-41892
CWE-94
Critical
PHP CVE-2012-2688 Vulnerability (CVE-2012-2688)
CVE-2012-2688
-
Critical
WordPress CVE-2012-2399 Vulnerability (CVE-2012-2399)
CVE-2012-2399
-
Critical
Oracle JRE Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3174)
CVE-2012-3174
CWE-264
Critical
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333)
CVE-2023-28333
CWE-94
Critical
Oracle JRE CVE-2013-0437 Vulnerability (CVE-2013-0437)
CVE-2013-0437
-
Critical
Pega Infinity Other Vulnerability (CVE-2023-28094)
CVE-2023-28094
-
Critical
Oracle JRE CVE-2013-0428 Vulnerability (CVE-2013-0428)
CVE-2013-0428
-
Critical
Oracle JRE CVE-2013-0426 Vulnerability (CVE-2013-0426)
CVE-2013-0426
-
Critical
Oracle JRE CVE-2013-0425 Vulnerability (CVE-2013-0425)
CVE-2013-0425
-
Critical
Oracle JRE Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0422)
CVE-2013-0422
CWE-264
Critical
MediaWiki CVE-2023-29141 Vulnerability (CVE-2023-29141)
CVE-2023-29141
-
Critical
SharePoint CVE-2023-29357 Vulnerability (CVE-2023-29357)
CVE-2023-29357
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29201)
CVE-2023-29201
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29202)
CVE-2023-29202
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29207)
CVE-2023-29207
CWE-707
Critical
CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177)
CVE-2023-43177
CWE-913
Critical
Ruby on Rails CVE-2013-0277 Vulnerability (CVE-2013-0277)
CVE-2013-0277
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2376)
CVE-2012-2376
CWE-119
Critical
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)
CVE-2023-31541
CWE-434
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-31672)
CVE-2023-31672
CWE-138
Critical
«
1
...
9
10
11
...
200
»