v.26.4.2314
Known Vulnerabilities
This page lists 14673 vulnerabilities in this category.
Critical: 1573
High: 3882
Medium: 8446
Low: 770
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| PHP Improper Encoding or Escaping of Output Vulnerability (CVE-2024-5585) | CVE-2024-5585 | CWE-116 | High |
| ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762) | CVE-2024-5762 | CWE-829 | High |
| OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2024-6119) | CVE-2024-6119 | CWE-843 | High |
| Squid Improper Input Validation Vulnerability (CVE-2019-12520) | CVE-2019-12520 | CWE-20 | High |
| Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-6232) | CVE-2024-6232 | CWE-1333 | High |
| MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474) | CVE-2019-12474 | - | High |
| MediaWiki CVE-2019-12473 Vulnerability (CVE-2019-12473) | CVE-2019-12473 | - | High |
| MediaWiki CVE-2019-12472 Vulnerability (CVE-2019-12472) | CVE-2019-12472 | - | High |
| MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12466) | CVE-2019-12466 | CWE-352 | High |
| Perl Out-of-bounds Write Vulnerability (CVE-2024-56406) | CVE-2024-56406 | CWE-787 | High |
| phpMyFAQ Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-56199) | CVE-2024-56199 | CWE-707 | High |
| Apache Tomcat Insufficiently Protected Credentials Vulnerability (CVE-2019-12418) | CVE-2019-12418 | CWE-522 | High |
| XWikiplatform Missing Authorization Vulnerability (CVE-2024-55879) | CVE-2024-55879 | CWE-862 | High |
| XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662) | CVE-2024-55662 | CWE-863 | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888) | CVE-2019-14888 | CWE-400 | High |
| Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888) | CVE-2019-14888 | CWE-400 | High |
| XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877) | CVE-2024-55877 | CWE-94 | High |
| Jboss EAP Incorrect Authorization Vulnerability (CVE-2019-14843) | CVE-2019-14843 | CWE-863 | High |
| Werkzeug WSGI Insufficient Entropy Vulnerability (CVE-2019-14806) | CVE-2019-14806 | CWE-331 | High |
| osTicket Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-14749) | CVE-2019-14749 | CWE-1236 | High |
| Joomla CVE-2019-14654 Vulnerability (CVE-2019-14654) | CVE-2019-14654 | - | High |
| Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-55885) | CVE-2024-55885 | CWE-327 | High |
| Python Files or Directories Accessible to External Parties Vulnerability (CVE-2019-13404) | CVE-2019-13404 | CWE-552 | High |
| phpMyFAQ User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2024-55889) | CVE-2024-55889 | CWE-451 | High |
| TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55921) | CVE-2024-55921 | CWE-749 | High |
| TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55924) | CVE-2024-55924 | CWE-352 | High |
| EspoCRM Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2019-14351) | CVE-2019-14351 | CWE-307 | High |
| Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-14322) | CVE-2019-14322 | CWE-22 | High |
| Django Uncontrolled Recursion Vulnerability (CVE-2019-14235) | CVE-2019-14235 | CWE-674 | High |
| Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14233) | CVE-2019-14233 | CWE-400 | High |
| Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14232) | CVE-2019-14232 | CWE-400 | High |
| PrestaShop Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-13461) | CVE-2019-13461 | CWE-639 | High |
| silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12437) | CVE-2019-12437 | CWE-352 | High |
| Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385) | CVE-2019-12385 | CWE-138 | High |
| Undertow Missing Authorization Vulnerability (CVE-2019-10184) | CVE-2019-10184 | CWE-862 | High |
| axios Improper Input Validation Vulnerability (CVE-2019-10742) | CVE-2019-10742 | CWE-20 | High |
| Python Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9287) | CVE-2024-9287 | CWE-138 | High |
| Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2024-9823) | CVE-2024-9823 | CWE-400 | High |
| Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946) | CVE-2019-10946 | CWE-306 | High |
| WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-0308) | CVE-2025-0308 | CWE-138 | High |
| Drupal Improper Authentication Vulnerability (CVE-2019-10911) | CVE-2019-10911 | CWE-287 | High |
| MongoDb Heap-based Buffer Overflow Vulnerability (CVE-2025-0755) | CVE-2025-0755 | CWE-122 | High |
| AngularJS Improper Input Validation Vulnerability (CVE-2019-10768) | CVE-2019-10768 | CWE-20 | High |
| MongoDb Operation on a Resource after Expiration or Release Vulnerability (CVE-2025-10060) | CVE-2025-10060 | CWE-672 | High |
| WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10673) | CVE-2019-10673 | CWE-352 | High |
| PHP Other Vulnerability (CVE-2024-8927) | CVE-2024-8927 | - | High |
| Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642) | CVE-2019-10642 | CWE-352 | High |
| MOVEit Transfer Unverified Password Change Vulnerability (CVE-2025-11235) | CVE-2025-11235 | CWE-620 | High |
| Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384) | CVE-2019-10384 | CWE-352 | High |
| Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10353) | CVE-2019-10353 | CWE-352 | High |
| WordPress Ultimate Member Plugin Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10270) | CVE-2019-10270 | CWE-640 | High |
| e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-11941) | CVE-2025-11941 | CWE-22 | High |
| PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210) | CVE-2019-10210 | CWE-20 | High |
| PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10208) | CVE-2019-10208 | CWE-138 | High |
| Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10186) | CVE-2019-10186 | CWE-352 | High |
| Grafana Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9264) | CVE-2024-9264 | CWE-138 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2019-11041) | CVE-2019-11041 | CWE-125 | High |
| ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170) | CVE-2019-12170 | CWE-434 | High |
| ProjectSend Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-11492) | CVE-2019-11492 | CWE-532 | High |
| ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169) | CVE-2019-12169 | CWE-434 | High |
| PHPFusion Code Execution Vulnerability (CVE-2019-12099) | CVE-2019-12099 | - | High |
| TYPO3 Improper Input Validation Vulnerability (CVE-2019-11832) | CVE-2019-11832 | CWE-20 | High |
| PostgreSQL Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-7348) | CVE-2024-7348 | CWE-367 | High |
| MongoDb CVE-2024-7553 Vulnerability (CVE-2024-7553) | CVE-2024-7553 | - | High |
| Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592) | CVE-2024-7592 | CWE-1333 | High |
| ProjectSend Use of Insufficiently Random Values Vulnerability (CVE-2024-7659) | CVE-2024-7659 | CWE-330 | High |
| Jboss EAP CVE-2024-7885 Vulnerability (CVE-2024-7885) | CVE-2024-7885 | - | High |
| CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458) | CVE-2019-11458 | CWE-502 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2019-11042) | CVE-2019-11042 | CWE-125 | High |
| ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446) | CVE-2019-11446 | CWE-434 | High |
| Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444) | CVE-2019-11444 | CWE-138 | High |
| ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11378) | CVE-2019-11378 | CWE-434 | High |
| Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-11201) | CVE-2019-11201 | CWE-94 | High |
| Dolibarr CVE-2019-11200 Vulnerability (CVE-2019-11200) | CVE-2019-11200 | - | High |
| Payara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-8215) | CVE-2024-8215 | CWE-707 | High |