Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
MongoDb Use After Free Vulnerability (CVE-2025-6706)
CVE-2025-6706
CWE-416
High
MongoDb CVE-2025-6709 Vulnerability (CVE-2025-6709)
CVE-2025-6709
-
High
Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-67853)
CVE-2025-67853
CWE-307
High
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2015-8751)
CVE-2015-8751
CWE-190
High
MediaWiki Improper Access Control Vulnerability (CVE-2015-8008)
CVE-2015-8008
CWE-284
High
PHP Resource Management Errors Vulnerability (CVE-2015-8877)
CVE-2015-8877
-
High
MySQL CVE-2016-0546 Vulnerability (CVE-2016-0546)
CVE-2016-0546
-
High
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2025-67725)
CVE-2025-67725
CWE-400
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8994)
CVE-2015-8994
CWE-264
High
MyBB Insertion of Sensitive Information into Log File Vulnerability (CVE-2015-8977)
CVE-2015-8977
CWE-532
High
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2025-67726)
CVE-2025-67726
CWE-400
High
MyBB Improper Access Control Vulnerability (CVE-2015-8973)
CVE-2015-8973
CWE-284
High
React Deserialization of Untrusted Data Vulnerability (CVE-2025-67779)
CVE-2025-67779
CWE-502
High
PHP Improper Input Validation Vulnerability (CVE-2015-8879)
CVE-2015-8879
CWE-20
High
Next.js Deserialization of Untrusted Data Vulnerability (CVE-2025-67779)
CVE-2025-67779
CWE-502
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)
CVE-2015-8769
CWE-138
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-8874)
CVE-2015-8874
CWE-119
High
PHP Improper Input Validation Vulnerability (CVE-2015-8873)
CVE-2015-8873
CWE-20
High
PHP Cryptographic Issues Vulnerability (CVE-2015-8867)
CVE-2015-8867
-
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-67847)
CVE-2025-67847
CWE-94
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-8865)
CVE-2015-8865
CWE-119
High
Perl Improper Input Validation Vulnerability (CVE-2015-8853)
CVE-2015-8853
CWE-20
High
Varnish Cache Other Vulnerability (CVE-2015-8852)
CVE-2015-8852
-
High
Moodle Improper Handling of Insufficient Permissions or Privileges Vulnerability (CVE-2025-67848)
CVE-2025-67848
CWE-280
High
Dotclear Improper Access Control Vulnerability (CVE-2015-8832)
CVE-2015-8832
CWE-284
High
MongoDb Uncontrolled Recursion Vulnerability (CVE-2025-6710)
CVE-2025-6710
CWE-674
High
MongoDb Improper Authentication Vulnerability (CVE-2015-7882)
CVE-2015-7882
CWE-287
High
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-21260)
CVE-2026-21260
CWE-200
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6728)
CVE-2015-6728
CWE-352
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1848)
CVE-2026-1848
CWE-770
High
MongoDb Uncontrolled Recursion Vulnerability (CVE-2026-1849)
CVE-2026-1849
CWE-674
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1850)
CVE-2026-1850
CWE-770
High
SharePoint Untrusted Search Path Vulnerability (CVE-2026-20943)
CVE-2026-20943
CWE-426
High
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-6833)
CVE-2015-6833
CWE-22
High
PHP Other Vulnerability (CVE-2015-6832)
CVE-2015-6832
-
High
SharePoint Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-20947)
CVE-2026-20947
CWE-138
High
PHP Use After Free Vulnerability (CVE-2015-6831)
CVE-2015-6831
CWE-416
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2026-20948)
CVE-2026-20948
CWE-822
High
PHP Other Vulnerability (CVE-2015-6836)
CVE-2015-6836
-
High
SharePoint Improper Input Validation Vulnerability (CVE-2026-20951)
CVE-2026-20951
CWE-20
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659)
CVE-2015-6659
CWE-138
High
ownCloud Resource Management Errors Vulnerability (CVE-2015-6500)
CVE-2015-6500
-
High
Magento Improper Input Validation Vulnerability (CVE-2015-6497)
CVE-2015-6497
CWE-20
High
SugarCRM Incomplete List of Disallowed Inputs Vulnerability (CVE-2015-5946)
CVE-2015-5946
CWE-184
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-20963)
CVE-2026-20963
CWE-502
High
Python Other Vulnerability (CVE-2015-5652)
CVE-2015-5652
-
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5591)
CVE-2015-5591
CWE-138
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5590)
CVE-2015-5590
CWE-119
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1847)
CVE-2026-1847
CWE-770
High
PHP Other Vulnerability (CVE-2015-6837)
CVE-2015-6837
-
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858)
CVE-2015-7858
CWE-138
High
IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7440)
CVE-2015-7440
CWE-264
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857)
CVE-2015-7857
CWE-138
High
MongoDb Excessive Iteration Vulnerability (CVE-2025-6714)
CVE-2025-6714
CWE-834
High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)
CVE-2015-7581
-
High
Ruby Improper Input Validation Vulnerability (CVE-2015-7551)
CVE-2015-7551
CWE-20
High
Jenkins Insufficient Verification of Data Authenticity Vulnerability (CVE-2015-7539)
CVE-2015-7539
CWE-345
High
Jenkins CVE-2015-7538 Vulnerability (CVE-2015-7538)
CVE-2015-7538
-
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7537)
CVE-2015-7537
CWE-352
High
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-70810)
CVE-2025-70810
CWE-352
High
Sqlite Improper Clearing of Heap Memory Before Release ('Heap Inspection') Vulnerability (CVE-2025-70873)
CVE-2025-70873
CWE-244
High
Jboss EAP Improper Resource Shutdown or Release Vulnerability (CVE-2025-9784)
CVE-2025-9784
CWE-404
High
Jetty Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2026-1605)
CVE-2026-1605
CWE-401
High
ReviveAdserver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-7372)
CVE-2015-7372
CWE-22
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2026-0859)
CVE-2026-0859
CWE-502
High
ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7369)
CVE-2015-7369
CWE-284
High
ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7367)
CVE-2015-7367
CWE-284
High
Plone CMS Improper Input Validation Vulnerability (CVE-2015-7318)
CVE-2015-7318
CWE-20
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)
CVE-2015-7297
CWE-138
High
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7293)
CVE-2015-7293
CWE-352
High
Django Inefficient Algorithmic Complexity Vulnerability (CVE-2026-1285)
CVE-2026-1285
CWE-407
High
PHP Other Vulnerability (CVE-2015-6838)
CVE-2015-6838
-
High
Underscore.js Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-27601)
CVE-2026-27601
CWE-770
High
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2015-0242)
CVE-2015-0242
CWE-787
High
WebLogic CVE-2016-0573 Vulnerability (CVE-2016-0573)
CVE-2016-0573
-
High