🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Oracle HTTP Server Uncontrolled Search Path Element Vulnerability (CVE-2019-5443)
CVE-2019-5443
CWE-427
High
Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-5475)
CVE-2019-5475
CWE-138
High
Oracle JRE CVE-2013-2430 Vulnerability (CVE-2013-2430)
CVE-2013-2430
-
High
Oracle JRE CVE-2013-2429 Vulnerability (CVE-2013-2429)
CVE-2013-2429
-
High
SharePoint CVE-2020-0852 Vulnerability (CVE-2020-0852)
CVE-2020-0852
-
High
WebLogic CVE-2023-21996 Vulnerability (CVE-2023-21996)
CVE-2023-21996
-
High
SharePoint CVE-2020-0850 Vulnerability (CVE-2020-0850)
CVE-2020-0850
-
High
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)
CVE-2019-6338
CWE-502
High
WebLogic CVE-2023-21964 Vulnerability (CVE-2023-21964)
CVE-2023-21964
-
High
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6340)
CVE-2019-6340
CWE-502
High
WebLogic CVE-2023-21979 Vulnerability (CVE-2023-21979)
CVE-2023-21979
-
High
MySQL CVE-2023-21980 Vulnerability (CVE-2023-21980)
CVE-2023-21980
-
High
Oracle JRE CVE-2013-2394 Vulnerability (CVE-2013-2394)
CVE-2013-2394
-
High
Atlassian Confluence CVE-2023-22512 Vulnerability (CVE-2023-22512)
CVE-2023-22512
-
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526)
CVE-2023-22526
CWE-94
High
Joomla Missing Authorization Vulnerability (CVE-2019-9713)
CVE-2019-9713
CWE-862
High
Python CVE-2013-1753 Vulnerability (CVE-2013-1753)
CVE-2013-1753
-
High
PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-25170)
CVE-2023-25170
CWE-352
High
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577)
CVE-2023-25577
CWE-770
High
Magento Session Fixation Vulnerability (CVE-2019-7849)
CVE-2019-7849
CWE-384
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1817)
CVE-2013-1817
CWE-200
High
MediaWiki Improper Input Validation Vulnerability (CVE-2013-1816)
CVE-2013-1816
CWE-20
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1803)
CVE-2013-1803
CWE-138
High
PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1748)
CVE-2013-1748
CWE-138
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-9787)
CVE-2019-9787
CWE-352
High
Perl Resource Management Errors Vulnerability (CVE-2013-1667)
CVE-2013-1667
-
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1635)
CVE-2013-1635
CWE-264
High
IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281)
CVE-2023-26281
CWE-20
High
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470)
CVE-2023-26470
CWE-787
High
XWiki CVE-2023-26471 Vulnerability (CVE-2023-26471)
CVE-2023-26471
-
High
Oracle JRE CVE-2013-1563 Vulnerability (CVE-2013-1563)
CVE-2013-1563
-
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-26472)
CVE-2023-26472
CWE-116
High
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7755)
CVE-2019-7755
CWE-138
High
phpBB Improper Input Validation Vulnerability (CVE-2019-9826)
CVE-2019-9826
CWE-20
High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2023-22622)
CVE-2023-22622
CWE-400
High
Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)
CVE-2023-23384
-
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
CVE-2023-22792
CWE-1333
High
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-9937)
CVE-2019-9937
CWE-476
High
Sqlite Out-of-bounds Read Vulnerability (CVE-2019-9936)
CVE-2019-9936
CWE-125
High
PostgreSQL Numeric Errors Vulnerability (CVE-2013-1900)
CVE-2013-1900
-
High
Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952)
CVE-2023-22952
-
High
Envoy Proxy Improper Input Validation Vulnerability (CVE-2019-9900)
CVE-2019-9900
CWE-20
High
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-24955)
CVE-2023-24955
CWE-94
High
Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)
CVE-2023-23755
CWE-307
High
Moodle CVE-2023-23923 Vulnerability (CVE-2023-23923)
CVE-2023-23923
-
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969)
CVE-2023-23969
CWE-770
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)
CVE-2013-1842
CWE-138
High
Squid Improper Input Validation Vulnerability (CVE-2013-1839)
CVE-2013-1839
CWE-20
High
Python Improper Input Validation Vulnerability (CVE-2023-24329)
CVE-2023-24329
CWE-20
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
CVE-2023-24580
CWE-400
High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
CVE-2019-9511
CWE-770
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29209)
CVE-2023-29209
CWE-94
High
Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)
CVE-2023-21930
-
High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)
CVE-2023-33945
CWE-138
High
Dolibarr Files or Directories Accessible to External Parties Vulnerability (CVE-2023-33568)
CVE-2023-33568
CWE-552
High
Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)
CVE-2023-33933
-
High
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8323)
CVE-2019-8323
CWE-138
High
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5493)
CVE-2012-5493
CWE-94
High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)
CVE-2012-5487
CWE-264
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)
CVE-2023-33945
CWE-138
High
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5469)
CVE-2012-5469
CWE-264
High
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8325)
CVE-2019-8325
CWE-138
High
Liferay Portal Missing Authorization Vulnerability (CVE-2023-33948)
CVE-2023-33948
CWE-862
High
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)
CVE-2023-33949
CWE-1188
High
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)
CVE-2023-33949
CWE-1188
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)
CVE-2023-33950
CWE-1333
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-34465)
CVE-2023-34465
CWE-269
High
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-34467)
CVE-2023-34467
CWE-668
High
Magento Deserialization of Untrusted Data Vulnerability (CVE-2019-8141)
CVE-2019-8141
CWE-502
High
RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8324)
CVE-2019-8324
CWE-94
High
Magento CVE-2019-8137 Vulnerability (CVE-2019-8137)
CVE-2019-8137
-
High
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8322)
CVE-2019-8322
CWE-138
High
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679)
CVE-2023-32679
CWE-138
High
«
1
...
28
29
30
...
200
»