Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15730)
CVE-2017-15730
CWE-352
High
PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-14798)
CVE-2017-14798
CWE-362
High
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743)
CVE-2017-8743
CWE-119
High
WordPress CVE-2017-1001000 Vulnerability (CVE-2017-1001000)
CVE-2017-1001000
-
High
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968)
CVE-2025-32968
CWE-138
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-32873)
CVE-2025-32873
CWE-770
High
WordPress Improper Input Validation Vulnerability (CVE-2017-1000600)
CVE-2017-1000600
CWE-20
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810)
CVE-2017-8810
CWE-200
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2025-46731)
CVE-2025-46731
CWE-138
High
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8814)
CVE-2017-8814
CWE-20
High
Liferay DXP Incorrect Authorization Vulnerability (CVE-2025-3586)
CVE-2025-3586
CWE-863
High
Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-16877)
CVE-2017-16877
CWE-22
High
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415)
CVE-2017-7415
CWE-200
High
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480)
CVE-2017-5480
CWE-22
High
OpenSSL Out-of-bounds Read Vulnerability (CVE-2017-3731)
CVE-2017-3731
CWE-125
High
OpenSSL Improper Input Validation Vulnerability (CVE-2017-3733)
CVE-2017-3733
CWE-20
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642)
CVE-2025-3642
CWE-94
High
Question2Answer Improper Input Validation Vulnerability (CVE-2017-12775)
CVE-2017-12775
CWE-20
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11628)
CVE-2017-11628
CWE-119
High
IBM RTC Inadequate Encryption Strength Vulnerability (CVE-2017-1701)
CVE-2017-1701
CWE-326
High
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5475)
CVE-2017-5475
CWE-352
High
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-1103)
CVE-2017-1103
CWE-611
High
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5476)
CVE-2017-5476
CWE-352
High
Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)
CVE-2017-18375
CWE-502
High
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466)
CVE-2017-11466
CWE-434
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2017-3730)
CVE-2017-3730
CWE-476
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5489)
CVE-2017-5489
CWE-352
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260)
CVE-2017-18260
CWE-138
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5492)
CVE-2017-5492
CWE-352
High
WordPress Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2017-5493)
CVE-2017-5493
CWE-338
High
Liferay Portal Uncontrolled Resource Consumption Vulnerability (CVE-2025-43796)
CVE-2025-43796
CWE-400
High
Moment.js Uncontrolled Resource Consumption Vulnerability (CVE-2017-18214)
CVE-2017-18214
CWE-400
High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113)
CVE-2017-18113
CWE-94
High
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5609)
CVE-2017-5609
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920)
CVE-2017-17920
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17919)
CVE-2017-17919
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17917)
CVE-2017-17917
CWE-138
High
ZenCart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-11675)
CVE-2017-11675
CWE-94
High
MySQL Integer Overflow or Wraparound Vulnerability (CVE-2017-3599)
CVE-2017-3599
CWE-190
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5647)
CVE-2017-5647
CWE-200
High
Jboss EAP CVE-2017-12189 Vulnerability (CVE-2017-12189)
CVE-2017-12189
-
High
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615)
CVE-2017-12615
CWE-434
High
Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187)
CVE-2017-3187
CWE-352
High
LimeSurvey Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-41074)
CVE-2025-41074
CWE-835
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12616)
CVE-2017-12616
CWE-200
High
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
CVE-2017-12617
CWE-434
High
GlassFish CVE-2017-3249 Vulnerability (CVE-2017-3249)
CVE-2017-3249
-
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
CVE-2017-2670
CWE-835
High
Varnish Cache Integer Overflow or Wraparound Vulnerability (CVE-2017-12425)
CVE-2017-12425
CWE-190
High
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250)
CVE-2017-3250
CWE-200
High
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
CVE-2017-2670
CWE-835
High
MySQL Use After Free Vulnerability (CVE-2017-3302)
CVE-2017-3302
CWE-416
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)
CVE-2017-12174
CWE-400
High
WebLogic CVE-2017-3531 Vulnerability (CVE-2017-3531)
CVE-2017-3531
-
High
Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
CVE-2017-12617
CWE-434
High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-2608)
CVE-2017-2608
CWE-502
High
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
CVE-2017-12165
CWE-444
High
Python Uncontrolled Search Path Element Vulnerability (CVE-2017-20052)
CVE-2017-20052
CWE-427
High
MySQL CVE-2017-3308 Vulnerability (CVE-2017-3308)
CVE-2017-3308
-
High
MySQL CVE-2017-3309 Vulnerability (CVE-2017-3309)
CVE-2017-3309
-
High
MySQL CVE-2017-3329 Vulnerability (CVE-2017-3329)
CVE-2017-3329
-
High
MySQL CVE-2017-3450 Vulnerability (CVE-2017-3450)
CVE-2017-3450
-
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
CVE-2017-12165
CWE-444
High
WebLogic CVE-2017-3506 Vulnerability (CVE-2017-3506)
CVE-2017-3506
-
High
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20030)
CVE-2017-20030
CWE-138
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3641)
CVE-2025-3641
CWE-94
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17916)
CVE-2017-17916
CWE-138
High
GlassFish CVE-2017-10391 Vulnerability (CVE-2017-10391)
CVE-2017-10391
-
High
Liferay DXP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-43816)
CVE-2025-43816
CWE-401
High
PHP Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2017-11144)
CVE-2017-11144
CWE-754
High
PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)
CVE-2017-11143
CWE-502
High
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14033)
CVE-2017-14033
CWE-119
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-11142)
CVE-2017-11142
CWE-400
High
Ruby Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-17405)
CVE-2017-17405
CWE-138
High
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6926)
CVE-2017-6926
CWE-200
High