🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
15072 vulnerabilities
in this category.
Critical: 1617
High: 4043
Medium: 8626
Low: 784
Information: 2
Vulnerability Name
CVE
CWE
Severity
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2983)
CVE-2014-2983
CWE-200
Medium
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7150)
CVE-2016-7150
CWE-707
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3470)
CVE-2014-3470
-
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3481)
CVE-2014-3481
CWE-200
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-7169)
CVE-2016-7169
CWE-22
Medium
OpenSSL Other Vulnerability (CVE-2014-3505)
CVE-2014-3505
-
Medium
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3508)
CVE-2014-3508
CWE-200
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3478)
CVE-2014-3478
CWE-119
Medium
PHP CVE-2014-3479 Vulnerability (CVE-2014-3479)
CVE-2014-3479
-
Medium
MySQL CVE-2016-0652 Vulnerability (CVE-2016-0652)
CVE-2016-0652
-
Medium
MySQL CVE-2016-0659 Vulnerability (CVE-2016-0659)
CVE-2016-0659
-
Medium
MySQL CVE-2016-0653 Vulnerability (CVE-2016-0653)
CVE-2016-0653
-
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3507)
CVE-2014-3507
-
Medium
MySQL CVE-2016-0650 Vulnerability (CVE-2016-0650)
CVE-2016-0650
-
Medium
MySQL CVE-2016-0654 Vulnerability (CVE-2016-0654)
CVE-2016-0654
-
Medium
MySQL CVE-2016-0658 Vulnerability (CVE-2016-0658)
CVE-2016-0658
-
Medium
MySQL CVE-2016-0657 Vulnerability (CVE-2016-0657)
CVE-2016-0657
-
Medium
PHP Improper Input Validation Vulnerability (CVE-2014-3480)
CVE-2014-3480
CWE-20
Medium
MySQL CVE-2016-0656 Vulnerability (CVE-2016-0656)
CVE-2016-0656
-
Medium
MySQL CVE-2016-0655 Vulnerability (CVE-2016-0655)
CVE-2016-0655
-
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3506)
CVE-2014-3506
-
Medium
MySQL CVE-2016-0661 Vulnerability (CVE-2016-0661)
CVE-2016-0661
-
Medium
MySQL CVE-2016-0651 Vulnerability (CVE-2016-0651)
CVE-2016-0651
-
Medium
MySQL CVE-2016-0662 Vulnerability (CVE-2016-0662)
CVE-2016-0662
-
Medium
MySQL CVE-2016-0665 Vulnerability (CVE-2016-0665)
CVE-2016-0665
-
Medium
MySQL CVE-2016-0668 Vulnerability (CVE-2016-0668)
CVE-2016-0668
-
Medium
OpenSSL Other Vulnerability (CVE-2014-3510)
CVE-2014-3510
-
Medium
MySQL CVE-2016-0667 Vulnerability (CVE-2016-0667)
CVE-2016-0667
-
Medium
MySQL CVE-2016-0666 Vulnerability (CVE-2016-0666)
CVE-2016-0666
-
Medium
MySQL CVE-2016-7440 Vulnerability (CVE-2016-7440)
CVE-2016-7440
-
Medium
MySQL CVE-2016-0649 Vulnerability (CVE-2016-0649)
CVE-2016-0649
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7168)
CVE-2016-7168
CWE-707
Medium
PHP Improper Input Validation Vulnerability (CVE-2014-3487)
CVE-2014-3487
CWE-20
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7419)
CVE-2016-7419
CWE-707
Medium
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-3509)
CVE-2014-3509
CWE-362
Medium
MySQL CVE-2016-0663 Vulnerability (CVE-2016-0663)
CVE-2016-0663
-
Medium
Moodle Other Vulnerability (CVE-2005-3649)
CVE-2005-3649
-
Low
MySQL CVE-2014-0427 Vulnerability (CVE-2014-0427)
CVE-2014-0427
-
Low
PHP Other Vulnerability (CVE-2005-3054)
CVE-2005-3054
-
Low
LimeSurvey CVE-2019-16181 Vulnerability (CVE-2019-16181)
CVE-2019-16181
-
Low
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16183)
CVE-2019-16183
CWE-276
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7217)
CVE-2014-7217
CWE-707
Low
MySQL CVE-2014-0430 Vulnerability (CVE-2014-0430)
CVE-2014-0430
-
Low
MySQL CVE-2014-6474 Vulnerability (CVE-2014-6474)
CVE-2014-6474
-
Low
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-0076)
CVE-2014-0076
-
Low
MySQL CVE-2014-0431 Vulnerability (CVE-2014-0431)
CVE-2014-0431
-
Low
Vulnerable package dependencies [low]
-
CWE-1104
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164)
CVE-2005-3164
CWE-200
Low
Phusion Passenger Other Vulnerability (CVE-2014-1831)
CVE-2014-1831
-
Low
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2033)
CVE-2013-2033
CWE-707
Low
Oracle JRE CVE-2022-39399 Vulnerability (CVE-2022-39399)
CVE-2022-39399
-
Low
MySQL CVE-2014-0437 Vulnerability (CVE-2014-0437)
CVE-2014-0437
-
Low
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0483)
CVE-2014-0483
CWE-264
Low
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2040)
CVE-2013-2040
CWE-707
Low
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7295)
CVE-2014-7295
CWE-707
Low
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7835)
CVE-2014-7835
CWE-707
Low
MySQL CVE-2014-0420 Vulnerability (CVE-2014-0420)
CVE-2014-0420
-
Low
MySQL CVE-2014-6551 Vulnerability (CVE-2014-6551)
CVE-2014-6551
-
Low
PostgreSQL Other Vulnerability (CVE-2006-0678)
CVE-2006-0678
-
Low
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2006-0369)
CVE-2006-0369
CWE-200
Low
Web Server Cache Poisoning (CMS Made Simple) v1.x
CVE-2016-2784
CWE-20
Low
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2150)
CVE-2013-2150
CWE-707
Low
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2149)
CVE-2013-2149
CWE-707
Low
PostgreSQL CVE-2022-41862 Vulnerability (CVE-2022-41862)
CVE-2022-41862
-
Low
MySQL CVE-2014-6568 Vulnerability (CVE-2014-6568)
CVE-2014-6568
-
Low
Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889)
CVE-2019-9889
CWE-22
Low
PHP Other Vulnerability (CVE-2005-3319)
CVE-2005-3319
-
Low
Grafana Improper Access Control Vulnerability (CVE-2026-28378)
CVE-2026-28378
CWE-284
Low
MySQL CVE-2013-2391 Vulnerability (CVE-2013-2391)
CVE-2013-2391
-
Low
MySQL CVE-2014-0393 Vulnerability (CVE-2014-0393)
CVE-2014-0393
-
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Low
WordPress Other Vulnerability (CVE-2006-0733)
CVE-2006-0733
-
Low
MySQL CVE-2013-2381 Vulnerability (CVE-2013-2381)
CVE-2013-2381
-
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2071)
CVE-2013-2071
CWE-200
Low
Oracle JRE CVE-2013-2415 Vulnerability (CVE-2013-2415)
CVE-2013-2415
-
Low
«
1
...
190
191
192
...
201
»