🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
15072 vulnerabilities
in this category.
Critical: 1617
High: 4043
Medium: 8626
Low: 784
Information: 2
Vulnerability Name
CVE
CWE
Severity
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6660)
CVE-2015-6660
CWE-352
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6658)
CVE-2015-6658
CWE-707
Medium
Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)
CVE-2015-6607
CWE-264
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6588)
CVE-2015-6588
CWE-707
Medium
datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584)
CVE-2015-6584
-
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521)
CVE-2015-6521
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3662)
CVE-2014-3662
CWE-200
Medium
Django Resource Management Errors Vulnerability (CVE-2015-5964)
CVE-2015-5964
-
Medium
Django Resource Management Errors Vulnerability (CVE-2015-5963)
CVE-2015-5963
-
Medium
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3665)
CVE-2014-3665
CWE-264
Medium
ownCloud Other Vulnerability (CVE-2015-5954)
CVE-2015-5954
-
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3667)
CVE-2014-3667
CWE-200
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3668)
CVE-2014-3668
CWE-119
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5734)
CVE-2015-5734
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5733)
CVE-2015-5733
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5732)
CVE-2015-5732
CWE-707
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3670)
CVE-2014-3670
CWE-119
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5731)
CVE-2015-5731
CWE-352
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3680)
CVE-2014-3680
CWE-200
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7983)
CVE-2014-7983
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5715)
CVE-2015-5715
CWE-264
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6734)
CVE-2015-6734
CWE-707
Medium
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6830)
CVE-2015-6830
CWE-200
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5651)
CVE-2015-5651
CWE-707
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7373)
CVE-2015-7373
CWE-707
Medium
Joomla Improper Access Control Vulnerability (CVE-2015-7899)
CVE-2015-7899
CWE-284
Medium
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2015-7873)
CVE-2015-7873
-
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7859)
CVE-2015-7859
CWE-200
Medium
PHP Numeric Errors Vulnerability (CVE-2015-7804)
CVE-2015-7804
-
Medium
PHP Other Vulnerability (CVE-2015-7803)
CVE-2015-7803
-
Medium
ATutor Other Vulnerability (CVE-2015-7712)
CVE-2015-7712
-
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711)
CVE-2015-7711
CWE-707
Medium
Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577)
CVE-2015-7577
CWE-284
Medium
PHP Numeric Errors Vulnerability (CVE-2014-3587)
CVE-2014-3587
-
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565)
CVE-2015-7565
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7536)
CVE-2015-7536
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7471)
CVE-2015-7471
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7453)
CVE-2015-7453
CWE-707
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3597)
CVE-2014-3597
CWE-119
Medium
Squid Improper Input Validation Vulnerability (CVE-2014-3609)
CVE-2014-3609
CWE-20
Medium
CubeCart Improper Access Control Vulnerability (CVE-2015-6928)
CVE-2015-6928
CWE-284
Medium
Plone CMS Improper Access Control Vulnerability (CVE-2015-7315)
CVE-2015-7315
CWE-284
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6939)
CVE-2015-6939
CWE-707
Medium
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6943)
CVE-2015-6943
CWE-138
Medium
Jenkins Resource Management Errors Vulnerability (CVE-2014-3661)
CVE-2014-3661
-
Medium
Serendipity Other Vulnerability (CVE-2015-6968)
CVE-2015-6968
-
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3617)
CVE-2014-3617
CWE-264
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6969)
CVE-2015-6969
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7316)
CVE-2015-7316
CWE-707
Medium
ReviveAdserver Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7371)
CVE-2015-7371
CWE-264
Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)
CVE-2015-7317
CWE-264
Medium
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7364)
CVE-2015-7364
CWE-352
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7365)
CVE-2015-7365
CWE-707
Medium
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7366)
CVE-2015-7366
CWE-352
Medium
Nginx Insufficient Session Expiration Vulnerability (CVE-2014-3616)
CVE-2014-3616
CWE-613
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7370)
CVE-2015-7370
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5714)
CVE-2015-5714
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3681)
CVE-2014-3681
CWE-707
Medium
Ruby on Rails Data Processing Errors Vulnerability (CVE-2014-3916)
CVE-2014-3916
-
Medium
Jboss EAP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5188)
CVE-2015-5188
CWE-352
Medium
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5288)
CVE-2015-5288
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5272)
CVE-2015-5272
CWE-264
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5269)
CVE-2015-5269
CWE-707
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5268)
CVE-2015-5268
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5266)
CVE-2015-5266
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5265)
CVE-2015-5265
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5264)
CVE-2015-5264
CWE-264
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3826)
CVE-2014-3826
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3827)
CVE-2014-3827
CWE-707
Medium
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5220)
CVE-2015-5220
CWE-119
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3832)
CVE-2014-3832
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3833)
CVE-2014-3833
CWE-707
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835)
CVE-2014-3835
CWE-264
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3836)
CVE-2014-3836
CWE-352
Medium
Jboss EAP 7PK - Security Features Vulnerability (CVE-2015-5178)
CVE-2015-5178
-
Medium
«
1
...
179
180
181
...
201
»