🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14673 vulnerabilities
in this category.
Critical: 1573
High: 3882
Medium: 8446
Low: 770
Information: 2
Vulnerability Name
CVE
CWE
Severity
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18085)
CVE-2017-18085
CWE-707
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18086)
CVE-2017-18086
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18097)
CVE-2017-18097
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18098)
CVE-2017-18098
CWE-707
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)
CVE-2017-1251
CWE-200
Medium
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1474)
CVE-2017-1474
CWE-200
Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2595)
CVE-2017-2595
CWE-22
Medium
Oracle Database Server CVE-2012-0527 Vulnerability (CVE-2012-0527)
CVE-2012-0527
-
Medium
Oracle Database Server CVE-2012-0534 Vulnerability (CVE-2012-0534)
CVE-2012-0534
-
Medium
Oracle Database Server CVE-2012-0528 Vulnerability (CVE-2012-0528)
CVE-2012-0528
-
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20033)
CVE-2017-20033
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20034)
CVE-2017-20034
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20035)
CVE-2017-20035
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20036)
CVE-2017-20036
CWE-707
Medium
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2017-20101)
CVE-2017-20101
CWE-639
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1762)
CVE-2017-1762
CWE-707
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2090)
CVE-2017-2090
CWE-22
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2098)
CVE-2017-2098
CWE-22
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2117)
CVE-2017-2117
CWE-22
Medium
Moodle Improper Input Validation Vulnerability (CVE-2017-2576)
CVE-2017-2576
CWE-20
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2578)
CVE-2017-2578
CWE-707
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)
CVE-2017-2582
CWE-200
Medium
MySQL CVE-2012-0540 Vulnerability (CVE-2012-0540)
CVE-2012-0540
-
Medium
IBM RTC Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1753)
CVE-2017-1753
CWE-94
Medium
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1476)
CVE-2017-1476
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1559)
CVE-2017-1559
CWE-200
Medium
IBM WebSEAL Insertion of Sensitive Information into Log File Vulnerability (CVE-2017-1480)
CVE-2017-1480
CWE-532
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1488)
CVE-2017-1488
CWE-200
Medium
IBM WebSEAL URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1489)
CVE-2017-1489
CWE-601
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1507)
CVE-2017-1507
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1509)
CVE-2017-1509
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1524)
CVE-2017-1524
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1570)
CVE-2017-1570
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1734)
CVE-2017-1734
CWE-200
Medium
IBM RTC Files or Directories Accessible to External Parties Vulnerability (CVE-2017-1602)
CVE-2017-1602
CWE-552
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1629)
CVE-2017-1629
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1653)
CVE-2017-1653
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1655)
CVE-2017-1655
CWE-707
Medium
IBM RTC Incorrect Authorization Vulnerability (CVE-2017-1700)
CVE-2017-1700
CWE-863
Medium
GlassFish CVE-2012-0550 Vulnerability (CVE-2012-0550)
CVE-2012-0550
-
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1725)
CVE-2017-1725
CWE-200
Medium
MySQL CVE-2017-3639 Vulnerability (CVE-2017-3639)
CVE-2017-3639
-
Medium
MySQL CVE-2017-3641 Vulnerability (CVE-2017-3641)
CVE-2017-3641
-
Medium
PHP Resource Management Errors Vulnerability (CVE-2012-0789)
CVE-2012-0789
-
Medium
PostgreSQL Missing Encryption of Sensitive Data Vulnerability (CVE-2017-7485)
CVE-2017-7485
CWE-311
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5270)
CVE-2011-5270
CWE-264
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5132)
CVE-2011-5132
CWE-707
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-5131)
CVE-2011-5131
CWE-352
Medium
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-5130)
CVE-2011-5130
CWE-94
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2011-5095)
CVE-2011-5095
-
Medium
Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064)
CVE-2011-5064
-
Medium
Apache Tomcat Improper Authentication Vulnerability (CVE-2011-5063)
CVE-2011-5063
CWE-287
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7298)
CVE-2017-7298
CWE-707
Medium
Moodle Improper Privilege Management Vulnerability (CVE-2017-7489)
CVE-2017-7489
CWE-269
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-7490)
CVE-2017-7490
CWE-668
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-7491)
CVE-2017-7491
CWE-352
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5062)
CVE-2011-5062
CWE-264
Medium
GlassFish Improper Input Validation Vulnerability (CVE-2011-5035)
CVE-2011-5035
CWE-20
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5024)
CVE-2011-5024
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7320)
CVE-2017-7320
CWE-707
Medium
Internet Information Services Other Vulnerability (CVE-2011-5279)
CVE-2011-5279
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7531)
CVE-2017-7531
CWE-200
Medium
Drupal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-6928)
CVE-2017-6928
CWE-732
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2012-0050)
CVE-2012-0050
-
Medium
Drupal Improper Input Validation Vulnerability (CVE-2017-6921)
CVE-2017-6921
CWE-20
Medium
Drupal Files or Directories Accessible to External Parties Vulnerability (CVE-2017-6922)
CVE-2017-6922
CWE-552
Medium
Drupal Missing Authorization Vulnerability (CVE-2017-6923)
CVE-2017-6923
CWE-862
Medium
Apache HTTP Server CVE-2012-0031 Vulnerability (CVE-2012-0031)
CVE-2012-0031
-
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6927)
CVE-2017-6927
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6929)
CVE-2017-6929
CWE-707
Medium
Hesk Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5287)
CVE-2011-5287
CWE-707
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2012-0027)
CVE-2012-0027
-
Medium
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-6931)
CVE-2017-6931
CWE-434
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)
CVE-2017-6932
CWE-601
Medium
Apache Tomcat Numeric Errors Vulnerability (CVE-2012-0022)
CVE-2012-0022
-
Medium
«
1
...
136
137
138
...
196
»
