🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
15072 vulnerabilities
in this category.
Critical: 1617
High: 4043
Medium: 8626
Low: 784
Information: 2
Vulnerability Name
CVE
CWE
Severity
Moodle CVE-2019-3851 Vulnerability (CVE-2019-3851)
CVE-2019-3851
-
Medium
Moodle CVE-2019-3852 Vulnerability (CVE-2019-3852)
CVE-2019-3852
-
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3872)
CVE-2019-3872
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4083)
CVE-2019-4083
CWE-707
Medium
IBM RTC CVE-2019-4084 Vulnerability (CVE-2019-4084)
CVE-2019-4084
-
Medium
IBM WebSEAL Session Fixation Vulnerability (CVE-2019-4152)
CVE-2019-4152
CWE-384
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4748)
CVE-2019-4748
CWE-707
Medium
IBM WebSEAL URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-4153)
CVE-2019-4153
CWE-601
Medium
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156)
CVE-2019-4156
CWE-327
Medium
IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4157)
CVE-2019-4157
CWE-707
Medium
IBM WebSEAL Missing Authorization Vulnerability (CVE-2019-4158)
CVE-2019-4158
CWE-862
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4249)
CVE-2019-4249
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4250)
CVE-2019-4250
CWE-707
Medium
IBM WebSEAL Other Vulnerability (CVE-2019-4552)
CVE-2019-4552
-
Medium
IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4725)
CVE-2019-4725
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4747)
CVE-2019-4747
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19910)
CVE-2019-19910
CWE-707
Medium
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
CVE-2019-19714
CWE-116
Medium
Oracle JRE CVE-2018-2797 Vulnerability (CVE-2018-2797)
CVE-2018-2797
-
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724)
CVE-2018-7724
CWE-352
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7196)
CVE-2018-7196
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7202)
CVE-2018-7202
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7260)
CVE-2018-7260
CWE-707
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7305)
CVE-2018-7305
CWE-352
Medium
Django Incorrect Regular Expression Vulnerability (CVE-2018-7536)
CVE-2018-7536
CWE-185
Medium
Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)
CVE-2018-7537
CWE-185
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7722)
CVE-2018-7722
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7723)
CVE-2018-7723
CWE-707
Medium
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2018-8004)
CVE-2018-8004
CWE-444
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7193)
CVE-2018-7193
CWE-707
Medium
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-8005)
CVE-2018-8005
CWE-400
Medium
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)
CVE-2018-8037
CWE-362
Medium
Apache Traffic Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2018-8040)
CVE-2018-8040
CWE-668
Medium
Ext JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8046)
CVE-2018-8046
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8149)
CVE-2018-8149
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8155)
CVE-2018-8155
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8156)
CVE-2018-8156
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8252)
CVE-2018-8252
CWE-707
Medium
osTicket Integer Overflow or Wraparound Vulnerability (CVE-2018-7194)
CVE-2018-7194
CWE-190
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7192)
CVE-2018-7192
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8568)
CVE-2018-8568
CWE-707
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5950)
CVE-2018-5950
CWE-707
Medium
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-5682)
CVE-2018-5682
CWE-200
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5689)
CVE-2018-5689
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)
CVE-2018-5690
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5692)
CVE-2018-5692
CWE-707
Medium
PHP Incorrect Conversion between Numeric Types Vulnerability (CVE-2018-5711)
CVE-2018-5711
CWE-681
Medium
PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5712)
CVE-2018-5712
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5715)
CVE-2018-5715
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5776)
CVE-2018-5776
CWE-707
Medium
React Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6341)
CVE-2018-6341
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6944)
CVE-2018-6944
CWE-707
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6356)
CVE-2018-6356
CWE-22
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6377)
CVE-2018-6377
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6378)
CVE-2018-6378
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6379)
CVE-2018-6379
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6380)
CVE-2018-6380
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6844)
CVE-2018-6844
CWE-707
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6883)
CVE-2018-6883
CWE-138
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6905)
CVE-2018-6905
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8254)
CVE-2018-8254
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8572)
CVE-2018-8572
CWE-707
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5478)
CVE-2018-5478
CWE-707
Medium
Oracle Database Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)
CVE-2019-10219
CWE-707
Medium
PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10129)
CVE-2019-10129
CWE-125
Medium
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)
CVE-2019-10130
CWE-284
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-10133)
CVE-2019-10133
CWE-601
Medium
Moodle Missing Authorization Vulnerability (CVE-2019-10187)
CVE-2019-10187
CWE-862
Medium
Moodle Other Vulnerability (CVE-2019-10188)
CVE-2019-10188
-
Medium
Moodle Other Vulnerability (CVE-2019-10189)
CVE-2019-10189
-
Medium
Oracle HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)
CVE-2019-10219
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)
CVE-2019-10219
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)
CVE-2019-10219
CWE-707
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10092)
CVE-2019-10092
CWE-707
Medium
WordPress Ultimate Member Plugin CVE-2019-10271 Vulnerability (CVE-2019-10271)
CVE-2019-10271
-
Medium
«
1
...
172
173
174
...
201
»