Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-50337)
CVE-2024-50337
CWE-918
Medium
Apache Tomcat Inadequate Encryption Strength Vulnerability (CVE-2024-52317)
CVE-2024-52317
CWE-326
Medium
Apache HTTP Server Other Vulnerability (CVE-2000-1204)
CVE-2000-1204
-
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2000-1205)
CVE-2000-1205
CWE-707
Medium
Craft CMS Files or Directories Accessible to External Parties Vulnerability (CVE-2024-52292)
CVE-2024-52292
CWE-552
Medium
Apache HTTP Server Other Vulnerability (CVE-2000-1206)
CVE-2000-1206
-
Medium
Apache Tomcat Other Vulnerability (CVE-2000-1210)
CVE-2000-1210
-
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51489)
CVE-2024-51489
CWE-352
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488)
CVE-2024-51488
CWE-352
Medium
Zope Web Application Server Other Vulnerability (CVE-2000-1212)
CVE-2000-1212
-
Medium
Oracle Application Server Other Vulnerability (CVE-2000-1235)
CVE-2000-1235
-
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51142)
CVE-2024-51142
CWE-707
Medium
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50802)
CVE-2024-50802
CWE-138
Medium
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50801)
CVE-2024-50801
CWE-138
Medium
Internet Information Services Other Vulnerability (CVE-2001-0004)
CVE-2001-0004
-
Medium
Apache HTTP Server Other Vulnerability (CVE-2001-0042)
CVE-2001-0042
-
Medium
Moodle CVE-2024-48900 Vulnerability (CVE-2024-48900)
CVE-2024-48900
-
Medium
Internet Information Services Other Vulnerability (CVE-2001-0096)
CVE-2001-0096
-
Medium
WP Plugin Contact Form 7 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-4704)
CVE-2024-4704
CWE-601
Medium
PHP Other Vulnerability (CVE-2001-0108)
CVE-2001-0108
-
Medium
WP Plugin Advanced Custom Fields CVE-2024-4565 Vulnerability (CVE-2024-4565)
CVE-2024-4565
-
Medium
PostgreSQL Missing Authorization Vulnerability (CVE-2024-4317)
CVE-2024-4317
CWE-862
Medium
IBMHttpServer Other Vulnerability (CVE-2001-0122)
CVE-2001-0122
-
Medium
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-49766)
CVE-2024-49766
CWE-22
Medium
Internet Information Services CVE-2001-0146 Vulnerability (CVE-2001-0146)
CVE-2001-0146
-
Medium
Internet Information Services Other Vulnerability (CVE-2001-0151)
CVE-2001-0151
-
Medium
SharePoint CVE-2024-49065 Vulnerability (CVE-2024-49065)
CVE-2024-49065
-
Medium
SharePoint CVE-2024-49064 Vulnerability (CVE-2024-49064)
CVE-2024-49064
-
Medium
SharePoint CVE-2024-49062 Vulnerability (CVE-2024-49062)
CVE-2024-49062
-
Medium
Mailman Other Vulnerability (CVE-2001-0290)
CVE-2001-0290
-
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-48901)
CVE-2024-48901
CWE-863
Medium
Internet Information Services Other Vulnerability (CVE-2000-0304)
CVE-2000-0304
-
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8980)
CVE-2024-8980
CWE-352
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591)
CVE-2024-45591
CWE-862
Medium
GeoServer Missing Authorization Vulnerability (CVE-2025-27505)
CVE-2025-27505
CWE-862
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-29790)
CVE-2025-29790
CWE-707
Medium
Apache HTTP Server Other Vulnerability (CVE-1999-0107)
CVE-1999-0107
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0154)
CVE-1999-0154
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0191)
CVE-1999-0191
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0278)
CVE-1999-0278
-
Medium
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-29088)
CVE-2025-29088
CWE-190
Medium
Internet Information Services Other Vulnerability (CVE-1999-0281)
CVE-1999-0281
-
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-28074)
CVE-2025-28074
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-28073)
CVE-2025-28073
CWE-707
Medium
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-1999-0348)
CVE-1999-0348
CWE-200
Medium
Jenkins URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-27625)
CVE-2025-27625
CWE-601
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-27624)
CVE-2025-27624
CWE-352
Medium
Jenkins Cleartext Storage of Sensitive Information Vulnerability (CVE-2025-27623)
CVE-2025-27623
CWE-312
Medium
Jenkins Cleartext Storage of Sensitive Information Vulnerability (CVE-2025-27622)
CVE-2025-27622
CWE-312
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-27208)
CVE-2025-27208
CWE-707
Medium
XWikiplatform Other Vulnerability (CVE-2025-29925)
CVE-2025-29925
-
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26791)
CVE-2025-26791
CWE-707
Medium
Internet Information Services Other Vulnerability (CVE-1999-0448)
CVE-1999-0448
-
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-26532)
CVE-2025-26532
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-26531)
CVE-2025-26531
CWE-863
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26530)
CVE-2025-26530
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26529)
CVE-2025-26529
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26528)
CVE-2025-26528
CWE-707
Medium
Moodle Exposure of Sensitive Information Through Metadata Vulnerability (CVE-2025-26527)
CVE-2025-26527
CWE-1230
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-26526)
CVE-2025-26526
CWE-863
Medium
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-26241)
CVE-2025-26241
CWE-138
Medium
PrestaShop Deserialization of Untrusted Data Vulnerability (CVE-2025-25692)
CVE-2025-25692
CWE-502
Medium
PrestaShop Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2025-25691)
CVE-2025-25691
CWE-138
Medium
Internet Information Services Other Vulnerability (CVE-1999-0736)
CVE-1999-0736
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0737)
CVE-1999-0737
-
Medium
Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070)
CVE-1999-0070
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0012)
CVE-1999-0012
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-0739)
CVE-1999-0739
-
Medium
CrushFTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-32103)
CVE-2025-32103
CWE-22
Medium
WP Plugin Contact Form 7 Improper Validation of Integrity Check Value Vulnerability (CVE-2025-3247)
CVE-2025-3247
CWE-354
Medium
Zimbra Collaboration XSS (CVE-2022-27926)
CVE-2022-27926
CWE-79
Medium
MongoDb Improper Check or Handling of Exceptional Conditions Vulnerability (CVE-2025-3084)
CVE-2025-3084
CWE-703
Medium
MongoDb CVE-2025-3082 Vulnerability (CVE-2025-3082)
CVE-2025-3082
-
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3057)
CVE-2025-3057
CWE-707
Medium
Craft CMS Other Vulnerability (CVE-2025-35939)
CVE-2025-35939
-
Medium