Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1749)
CVE-2025-1749
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1747)
CVE-2025-1747
CWE-707
Medium
Internet Information Services Other Vulnerability (CVE-1999-1537)
CVE-1999-1537
-
Medium
OpenSSL Improper Verification of Cryptographic Signature Vulnerability (CVE-2025-15469)
CVE-2025-15469
CWE-347
Medium
MongoDb Improper Locking Vulnerability (CVE-2025-14345)
CVE-2025-14345
CWE-667
Medium
Internet Information Services Other Vulnerability (CVE-1999-1478)
CVE-1999-1478
-
Medium
Internet Information Services Other Vulnerability (CVE-1999-1451)
CVE-1999-1451
-
Medium
Opencart Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-15116)
CVE-2025-15116
CWE-362
Medium
Perl Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-1999-1386)
CVE-1999-1386
CWE-59
Medium
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2025-15468)
CVE-2025-15468
CWE-476
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-15599)
CVE-2025-15599
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1746)
CVE-2025-1746
CWE-707
Medium
PHP Inaccurate Comments Vulnerability (CVE-2025-1219)
CVE-2025-1219
CWE-1116
Medium
PHP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-1220)
CVE-2025-1220
CWE-918
Medium
Payara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1534)
CVE-2025-1534
CWE-707
Medium
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-1695)
CVE-2025-1695
CWE-835
Medium
PHP Improper Input Validation Vulnerability (CVE-2025-1734)
CVE-2025-1734
CWE-20
Medium
Internet Information Services Other Vulnerability (CVE-1999-1375)
CVE-1999-1375
-
Medium
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-45604)
CVE-2024-45604
CWE-22
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45406)
CVE-2024-45406
CWE-707
Medium
TestRail Information Disclosure (CVE-2021-40875)
CVE-2021-40875
CWE-425
Medium
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-26129)
CVE-2024-26129
CWE-22
Medium
Liferay Portal Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Ruby on Rails CVE-2024-26144 Vulnerability (CVE-2024-26144)
CVE-2024-26144
-
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)
CVE-2024-26143
CWE-707
Medium
Apache HTTP Server Other Vulnerability (CVE-2002-1156)
CVE-2002-1156
-
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-25983)
CVE-2024-25983
CWE-639
Medium
Apache Tomcat Other Vulnerability (CVE-2002-1148)
CVE-2002-1148
-
Medium
Moodle CVE-2024-25981 Vulnerability (CVE-2024-25981)
CVE-2024-25981
-
Medium
Moodle CVE-2024-25980 Vulnerability (CVE-2024-25980)
CVE-2024-25980
-
Medium
Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)
CVE-2024-25979
-
Medium
Internet Information Services Other Vulnerability (CVE-2002-1181)
CVE-2002-1181
-
Medium
Internet Information Services Other Vulnerability (CVE-2002-1182)
CVE-2002-1182
-
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
MySQL Other Vulnerability (CVE-2002-1373)
CVE-2002-1373
-
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay DXP Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Python Other Vulnerability (CVE-2002-1119)
CVE-2002-1119
-
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25604)
CVE-2024-25604
CWE-863
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28108)
CVE-2024-28108
CWE-707
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29203)
CVE-2024-29203
CWE-707
Medium
Oracle Database Server Other Vulnerability (CVE-2002-0856)
CVE-2002-0856
-
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29179)
CVE-2024-29179
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853)
CVE-2024-28853
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28852)
CVE-2024-28852
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28793)
CVE-2024-28793
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28710)
CVE-2024-28710
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28709)
CVE-2024-28709
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28662)
CVE-2024-28662
CWE-707
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-28593)
CVE-2024-28593
CWE-94
Medium
Contao CVE-2024-28235 Vulnerability (CVE-2024-28235)
CVE-2024-28235
-
Medium
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
CVE-2024-28234
-
Medium
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-28191)
CVE-2024-28191
CWE-138
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28190)
CVE-2024-28190
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28106)
CVE-2024-28106
CWE-707
Medium
Oracle Application Server Other Vulnerability (CVE-2002-1089)
CVE-2002-1089
-
Medium
Apache Tomcat Other Vulnerability (CVE-2002-0935)
CVE-2002-0935
-
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27626)
CVE-2024-27626
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27525)
CVE-2024-27525
CWE-707
Medium