Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Low
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0976)
CVE-2012-0976
CWE-707
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3591)
CVE-2011-3591
CWE-707
Low
PrestaShop Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-51586)
CVE-2025-51586
CWE-359
Low
Oracle Database Server CVE-2014-4289 Vulnerability (CVE-2014-4289)
CVE-2014-4289
-
Low
Caddy Web Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19148)
CVE-2018-19148
CWE-200
Low
Oracle Database Server CVE-2014-4245 Vulnerability (CVE-2014-4245)
CVE-2014-4245
-
Low
MySQL CVE-2014-4243 Vulnerability (CVE-2014-4243)
CVE-2014-4243
-
Low
MySQL CVE-2014-4240 Vulnerability (CVE-2014-4240)
CVE-2014-4240
-
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3592)
CVE-2011-3592
CWE-707
Low
MySQL CVE-2014-4214 Vulnerability (CVE-2014-4214)
CVE-2014-4214
-
Low
ReviveAdserver Use of Externally-Controlled Format String Vulnerability (CVE-2025-52666)
CVE-2025-52666
CWE-134
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4371)
CVE-2009-4371
CWE-707
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4369)
CVE-2009-4369
CWE-707
Low
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-4330)
CVE-2014-4330
CWE-119
Low
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-3981)
CVE-2014-3981
CWE-59
Low
Oracle Application Server Other Vulnerability (CVE-2007-0287)
CVE-2007-0287
-
Low
Oracle Database Server Out-of-bounds Read Vulnerability (CVE-2025-53051)
CVE-2025-53051
CWE-125
Low
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3966)
CVE-2014-3966
CWE-707
Low
Oracle Application Server Other Vulnerability (CVE-2007-0286)
CVE-2007-0286
-
Low
Moodle Other Vulnerability (CVE-2005-3649)
CVE-2005-3649
-
Low
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943)
CVE-2014-3943
CWE-707
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3741)
CVE-2008-3741
CWE-707
Low
Oracle Application Server Other Vulnerability (CVE-2007-0282)
CVE-2007-0282
-
Low
Oracle HTTP Server Other Vulnerability (CVE-2007-0282)
CVE-2007-0282
-
Low
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0827)
CVE-2012-0827
CWE-264
Low
Vulnerable package dependencies [low]
-
CWE-1104
Low
Oracle Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0275)
CVE-2007-0275
CWE-707
Low
Oracle Database Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0275)
CVE-2007-0275
CWE-707
Low
Joomla CVE-2017-14595 Vulnerability (CVE-2017-14595)
CVE-2017-14595
-
Low
Oracle Database Server CVE-2011-3511 Vulnerability (CVE-2011-3511)
CVE-2011-3511
-
Low
MySQL CVE-2014-6463 Vulnerability (CVE-2014-6463)
CVE-2014-6463
-
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164)
CVE-2005-3164
CWE-200
Low
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1413)
CVE-2012-1413
CWE-707
Low
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0606)
CVE-2010-0606
CWE-707
Low
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3326)
CVE-2008-3326
CWE-707
Low
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1253)
CVE-2012-1253
CWE-707
Low
Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-49005)
CVE-2025-49005
-
Low
phpMyFAQ Improper Authorization Vulnerability (CVE-2014-6049)
CVE-2014-6049
CWE-285
Low
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49583)
CVE-2025-49583
CWE-357
Low
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-5459)
CVE-2014-5459
CWE-59
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5274)
CVE-2014-5274
CWE-707
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5273)
CVE-2014-5273
CWE-707
Low
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5240)
CVE-2014-5240
CWE-707
Low
Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2012-1160)
CVE-2012-1160
CWE-732
Low
PHP Other Vulnerability (CVE-2005-3054)
CVE-2005-3054
-
Low
Oracle Database Server Improper Privilege Management Vulnerability (CVE-2025-50066)
CVE-2025-50066
CWE-269
Low
Jboss EAP Credentials Management Errors Vulnerability (CVE-2009-5066)
CVE-2009-5066
-
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4348)
CVE-2014-4348
CWE-707
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5021)
CVE-2014-5021
CWE-707
Low
MySQL Improper Access Control Vulnerability (CVE-2025-50081)
CVE-2025-50081
CWE-284
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4986)
CVE-2014-4986
CWE-707
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4955)
CVE-2014-4955
CWE-707
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4954)
CVE-2014-4954
CWE-707
Low
PHP Other Vulnerability (CVE-2005-3319)
CVE-2005-3319
-
Low
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-4721)
CVE-2014-4721
CWE-200
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3457)
CVE-2008-3457
CWE-707
Low
MySQL CVE-2025-50098 Vulnerability (CVE-2025-50098)
CVE-2025-50098
-
Low
MySQL CVE-2025-50100 Vulnerability (CVE-2025-50100)
CVE-2025-50100
-
Low
WordPress Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2020-4050)
CVE-2020-4050
CWE-288
Low
WordPress Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2020-4049)
CVE-2020-4049
CWE-707
Low
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50104)
CVE-2025-50104
CWE-400
Low
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4349)
CVE-2014-4349
CWE-707
Low
MySQL Other Vulnerability (CVE-2005-0711)
CVE-2005-0711
-
Low
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2040)
CVE-2013-2040
CWE-707
Low
MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)
CVE-2022-21355
-
Low
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2273)
CVE-2015-2273
CWE-707
Low
Oracle Database Server CVE-2011-2240 Vulnerability (CVE-2011-2240)
CVE-2011-2240
-
Low
MySQL CVE-2019-2738 Vulnerability (CVE-2019-2738)
CVE-2019-2738
-
Low
Java Denial of Service (DoS) Vulnerability (CVE-2018-2952)
CVE-2018-2952
-
Low
Internet Information Services Other Vulnerability (CVE-1999-1538)
CVE-1999-1538
-
Low
MySQL CVE-2015-2567 Vulnerability (CVE-2015-2567)
CVE-2015-2567
-
Low
MySQL CVE-2015-2566 Vulnerability (CVE-2015-2566)
CVE-2015-2566
-
Low
Drupal Improper Access Control Vulnerability (CVE-2015-2559)
CVE-2015-2559
CWE-284
Low
Oracle Database Server CVE-2011-2242 Vulnerability (CVE-2011-2242)
CVE-2011-2242
-
Low