🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
15072 vulnerabilities
in this category.
Critical: 1617
High: 4043
Medium: 8626
Low: 784
Information: 2
Vulnerability Name
CVE
CWE
Severity
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3810)
CVE-2014-3810
CWE-138
Medium
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5174)
CVE-2015-5174
CWE-22
Medium
Django Improper Input Validation Vulnerability (CVE-2015-5144)
CVE-2015-5144
CWE-20
Medium
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5078)
CVE-2015-5078
CWE-138
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5063)
CVE-2015-5063
CWE-707
Medium
silverstripeCMS Other Vulnerability (CVE-2015-5062)
CVE-2015-5062
-
Medium
Oracle Database Server CVE-2015-4925 Vulnerability (CVE-2015-4925)
CVE-2015-4925
-
Medium
Oracle Database Server CVE-2015-4923 Vulnerability (CVE-2015-4923)
CVE-2015-4923
-
Medium
Oracle Database Server CVE-2015-4921 Vulnerability (CVE-2015-4921)
CVE-2015-4921
-
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3837)
CVE-2014-3837
CWE-264
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3838)
CVE-2014-3838
CWE-264
Medium
MySQL CVE-2015-4905 Vulnerability (CVE-2015-4905)
CVE-2015-4905
-
Medium
MySQL CVE-2015-4904 Vulnerability (CVE-2015-4904)
CVE-2015-4904
-
Medium
Oracle Database Server CVE-2015-4900 Vulnerability (CVE-2015-4900)
CVE-2015-4900
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3900)
CVE-2014-3900
CWE-707
Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5289)
CVE-2015-5289
CWE-119
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5317)
CVE-2015-5317
CWE-200
Medium
WordPress Improper Access Control Vulnerability (CVE-2015-5623)
CVE-2015-5623
CWE-284
Medium
Dotclear Other Vulnerability (CVE-2014-3782)
CVE-2014-3782
-
Medium
PHP Improper Input Validation Vulnerability (CVE-2014-3710)
CVE-2014-3710
CWE-20
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-5608)
CVE-2015-5608
CWE-601
Medium
Zenphoto Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5595)
CVE-2015-5595
CWE-352
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5594)
CVE-2015-5594
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5593)
CVE-2015-5593
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5592)
CVE-2015-5592
CWE-707
Medium
Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5400)
CVE-2015-5400
CWE-264
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5397)
CVE-2015-5397
CWE-352
Medium
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5382)
CVE-2015-5382
CWE-200
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5381)
CVE-2015-5381
CWE-707
Medium
Django Improper Input Validation Vulnerability (CVE-2014-3730)
CVE-2014-3730
CWE-20
Medium
Dotclear Improper Authentication Vulnerability (CVE-2014-3781)
CVE-2014-3781
CWE-287
Medium
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5345)
CVE-2015-5345
CWE-22
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5342)
CVE-2015-5342
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5341)
CVE-2015-5341
CWE-264
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5318)
CVE-2015-5318
CWE-352
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5326)
CVE-2015-5326
CWE-707
Medium
Jenkins Other Vulnerability (CVE-2015-5319)
CVE-2015-5319
-
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5320)
CVE-2015-5320
CWE-200
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5321)
CVE-2015-5321
CWE-200
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5322)
CVE-2015-5322
CWE-22
Medium
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5323)
CVE-2015-5323
CWE-264
Medium
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)
CVE-2015-5324
CWE-264
Medium
Moodle 7PK - Security Features Vulnerability (CVE-2015-5331)
CVE-2015-5331
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5340)
CVE-2015-5340
CWE-200
Medium
Dotclear Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3783)
CVE-2014-3783
CWE-138
Medium
Moodle Resource Management Errors Vulnerability (CVE-2015-5332)
CVE-2015-5332
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5335)
CVE-2015-5335
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5336)
CVE-2015-5336
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5337)
CVE-2015-5337
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5339)
CVE-2015-5339
CWE-200
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4744)
CVE-2014-4744
CWE-707
Medium
ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-4929)
CVE-2014-4929
CWE-22
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7989)
CVE-2015-7989
CWE-707
Medium
Jenkins 7PK - Security Features Vulnerability (CVE-2014-9635)
CVE-2014-9635
-
Medium
Oracle Database Server CVE-2014-6563 Vulnerability (CVE-2014-6563)
CVE-2014-6563
-
Medium
MySQL CVE-2014-6564 Vulnerability (CVE-2014-6564)
CVE-2014-6564
-
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-0113)
CVE-2015-0113
CWE-200
Medium
IBM RTC Other Vulnerability (CVE-2015-0112)
CVE-2015-0112
-
Medium
Oracle Database Server CVE-2014-6577 Vulnerability (CVE-2014-6577)
CVE-2014-6577
-
Medium
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-9767)
CVE-2014-9767
CWE-22
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9758)
CVE-2014-9758
CWE-707
Medium
ATutor Other Vulnerability (CVE-2014-9752)
CVE-2014-9752
-
Medium
Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9749)
CVE-2014-9749
CWE-264
Medium
Tornado Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2014-9720)
CVE-2014-9720
-
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9709)
CVE-2014-9709
CWE-119
Medium
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9685)
CVE-2014-9685
CWE-707
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9652)
CVE-2014-9652
CWE-119
Medium
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)
CVE-2014-9635
-
Medium
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634)
CVE-2014-9634
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0204)
CVE-2015-0204
-
Medium
Oracle Database Server CVE-2014-6578 Vulnerability (CVE-2014-6578)
CVE-2014-6578
-
Medium
Jenkins 7PK - Security Features Vulnerability (CVE-2014-9634)
CVE-2014-9634
-
Medium
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9599)
CVE-2014-9599
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6631)
CVE-2014-6631
CWE-707
Medium
Roundcube Multiple Cross-site Request Forgery (CSRF) Vulnerabilities (CVE-2014-9587)
CVE-2014-9587
-
Medium
«
1
...
180
181
182
...
201
»