🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
15072 vulnerabilities
in this category.
Critical: 1617
High: 4043
Medium: 8626
Low: 784
Information: 2
Vulnerability Name
CVE
CWE
Severity
Oracle Database Server CVE-2010-2389 Vulnerability (CVE-2010-2389)
CVE-2010-2389
-
Low
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51337)
CVE-2024-51337
CWE-707
Low
Oracle Database Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3562)
CVE-2016-3562
CWE-200
Low
Jetty Insufficient Session Expiration Vulnerability (CVE-2021-34428)
CVE-2021-34428
CWE-613
Low
SharePoint CVE-2021-34519 Vulnerability (CVE-2021-34519)
CVE-2021-34519
-
Low
Oracle HTTP Server CVE-2016-3482 Vulnerability (CVE-2016-3482)
CVE-2016-3482
-
Low
MySQL CVE-2016-3452 Vulnerability (CVE-2016-3452)
CVE-2016-3452
-
Low
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-23839)
CVE-2021-23839
CWE-327
Low
MySQL Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2010-2008)
CVE-2010-2008
CWE-138
Low
phpList CVE-2017-20031 Vulnerability (CVE-2017-20031)
CVE-2017-20031
-
Low
MySQL CVE-2024-21244 Vulnerability (CVE-2024-21244)
CVE-2024-21244
-
Low
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2947)
CVE-2016-2947
CWE-200
Low
Oracle Database Server CVE-2021-35576 Vulnerability (CVE-2021-35576)
CVE-2021-35576
-
Low
MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1626)
CVE-2010-1626
CWE-264
Low
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2513)
CVE-2016-2513
CWE-200
Low
MySQL CVE-2021-35618 Vulnerability (CVE-2021-35618)
CVE-2021-35618
-
Low
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2603)
CVE-2017-2603
CWE-200
Low
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4344)
CVE-2011-4344
CWE-707
Low
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481)
CVE-2010-1481
CWE-707
Low
MySQL CVE-2021-35623 Vulnerability (CVE-2021-35623)
CVE-2021-35623
-
Low
MySQL CVE-2021-35625 Vulnerability (CVE-2021-35625)
CVE-2021-35625
-
Low
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4415)
CVE-2011-4415
CWE-20
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1157)
CVE-2010-1157
CWE-200
Low
Oracle Database Server CVE-2024-21251 Vulnerability (CVE-2024-21251)
CVE-2024-21251
-
Low
MySQL CVE-2024-21247 Vulnerability (CVE-2024-21247)
CVE-2024-21247
-
Low
MySQL CVE-2015-4913 Vulnerability (CVE-2015-4913)
CVE-2015-4913
-
Low
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2687)
CVE-2012-2687
CWE-707
Low
PHP Other Vulnerability (CVE-2006-1014)
CVE-2006-1014
-
Low
Oracle Database Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0275)
CVE-2007-0275
CWE-707
Low
MySQL CVE-2015-0506 Vulnerability (CVE-2015-0506)
CVE-2015-0506
-
Low
MySQL CVE-2015-0505 Vulnerability (CVE-2015-0505)
CVE-2015-0505
-
Low
MySQL CVE-2015-0499 Vulnerability (CVE-2015-0499)
CVE-2015-0499
-
Low
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6145)
CVE-2012-6145
CWE-707
Low
MySQL CVE-2015-0498 Vulnerability (CVE-2015-0498)
CVE-2015-0498
-
Low
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6147)
CVE-2012-6147
CWE-707
Low
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6148)
CVE-2012-6148
CWE-707
Low
Oracle Application Server Other Vulnerability (CVE-2007-0287)
CVE-2007-0287
-
Low
Oracle Application Server Other Vulnerability (CVE-2007-0286)
CVE-2007-0286
-
Low
MySQL CVE-2022-21372 Vulnerability (CVE-2022-21372)
CVE-2022-21372
-
Low
Oracle Application Server Other Vulnerability (CVE-2007-0282)
CVE-2007-0282
-
Low
Oracle HTTP Server Other Vulnerability (CVE-2007-0282)
CVE-2007-0282
-
Low
Oracle Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0275)
CVE-2007-0275
CWE-707
Low
MySQL CVE-2015-0385 Vulnerability (CVE-2015-0385)
CVE-2015-0385
-
Low
MySQL CVE-2022-21357 Vulnerability (CVE-2022-21357)
CVE-2022-21357
-
Low
MySQL CVE-2015-0374 Vulnerability (CVE-2015-0374)
CVE-2015-0374
-
Low
Oracle Database Server CVE-2015-0370 Vulnerability (CVE-2015-0370)
CVE-2015-0370
-
Low
Drupal Other Vulnerability (CVE-2007-0124)
CVE-2007-0124
-
Low
Jenkins CVE-2013-0158 Vulnerability (CVE-2013-0158)
CVE-2013-0158
-
Low
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-67639)
CVE-2025-67639
CWE-352
Low
OpenSSL Cryptographic Issues Vulnerability (CVE-2013-0169)
CVE-2013-0169
-
Low
MySQL CVE-2022-21484 Vulnerability (CVE-2022-21484)
CVE-2022-21484
-
Low
MySQL CVE-2022-21485 Vulnerability (CVE-2022-21485)
CVE-2022-21485
-
Low
PHP Other Vulnerability (CVE-2006-7204)
CVE-2006-7204
-
Low
MySQL CVE-2022-21486 Vulnerability (CVE-2022-21486)
CVE-2022-21486
-
Low
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0218)
CVE-2013-0218
CWE-200
Low
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-24406)
CVE-2020-24406
CWE-22
Low
Moodle Improper Input Validation Vulnerability (CVE-2019-10134)
CVE-2019-10134
CWE-20
Low
Magento Improper Authorization Vulnerability (CVE-2020-24404)
CVE-2020-24404
CWE-285
Low
MySQL CVE-2015-0507 Vulnerability (CVE-2015-0507)
CVE-2015-0507
-
Low
MySQL CVE-2015-0511 Vulnerability (CVE-2015-0511)
CVE-2015-0511
-
Low
PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10209)
CVE-2019-10209
CWE-125
Low
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-1732)
CVE-2007-1732
CWE-707
Low
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-2450)
CVE-2007-2450
CWE-707
Low
Java Unspesificed Vulnerability (CVE-2018-3157)
CVE-2018-3157
-
Low
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2269)
CVE-2015-2269
CWE-707
Low
Play Framework Data Amplification Vulnerability (CVE-2020-28923)
CVE-2020-28923
-
Low
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28838)
CVE-2020-28838
CWE-352
Low
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2149)
CVE-2015-2149
CWE-707
Low
TYPO3 Improper Authentication Vulnerability (CVE-2015-2047)
CVE-2015-2047
CWE-287
Low
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5502)
CVE-2012-5502
CWE-707
Low
Apache Tomcat Other Vulnerability (CVE-2007-1858)
CVE-2007-1858
-
Low
Jenkins Improper Input Validation Vulnerability (CVE-2015-1808)
CVE-2015-1808
CWE-20
Low
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-1807)
CVE-2015-1807
CWE-22
Low
MySQL CVE-2022-21311 Vulnerability (CVE-2022-21311)
CVE-2022-21311
-
Low
Apache HTTP Server Other Vulnerability (CVE-2007-1742)
CVE-2007-1742
-
Low
«
1
...
197
198
199
...
201
»