🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14673 vulnerabilities
in this category.
Critical: 1573
High: 3882
Medium: 8446
Low: 770
Information: 2
Vulnerability Name
CVE
CWE
Severity
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7416)
CVE-2016-7416
CWE-119
High
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-50191)
CVE-2025-50191
CWE-138
High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2025-50193)
CVE-2025-50193
CWE-138
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7412)
CVE-2016-7412
CWE-119
High
Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797)
CVE-2016-6797
CWE-863
High
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668)
CVE-2016-6668
CWE-200
High
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740)
CVE-2016-8740
-
High
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)
CVE-2016-6211
CWE-264
High
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6302)
CVE-2016-6302
CWE-20
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6297)
CVE-2016-6297
CWE-119
High
Apache HTTP Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-53020)
CVE-2025-53020
CWE-401
High
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-53066)
CVE-2025-53066
CWE-200
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2025-53506)
CVE-2025-53506
CWE-400
High
SharePoint Incorrect Conversion between Numeric Types Vulnerability (CVE-2025-53733)
CVE-2025-53733
CWE-681
High
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-53760)
CVE-2025-53760
CWE-918
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6289)
CVE-2016-6289
CWE-190
High
Perl CVE-2016-6185 Vulnerability (CVE-2016-6185)
CVE-2016-6185
-
High
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6305)
CVE-2016-6305
CWE-20
High
PHP CVE-2016-6174 Vulnerability (CVE-2016-6174)
CVE-2016-6174
-
High
WordPress CVE-2016-5839 Vulnerability (CVE-2016-5839)
CVE-2016-5839
-
High
WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)
CVE-2016-5838
-
High
WordPress CVE-2016-5837 Vulnerability (CVE-2016-5837)
CVE-2016-5837
-
High
WordPress CVE-2016-5836 Vulnerability (CVE-2016-5836)
CVE-2016-5836
-
High
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)
CVE-2016-5835
CWE-200
High
WordPress CVE-2016-5832 Vulnerability (CVE-2016-5832)
CVE-2016-5832
-
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-53836)
CVE-2025-53836
CWE-863
High
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5739)
CVE-2016-5739
CWE-200
High
OpenSSL Resource Management Errors Vulnerability (CVE-2016-6304)
CVE-2016-6304
-
High
ReviveAdserver Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-52664)
CVE-2025-52664
CWE-138
High
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-6664)
CVE-2016-6664
CWE-59
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6619)
CVE-2016-6619
CWE-138
High
MySQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2016-6663)
CVE-2016-6663
CWE-362
High
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434)
CVE-2025-52434
CWE-362
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6635)
CVE-2016-6635
CWE-352
High
phpMyAdmin CVE-2016-6633 Vulnerability (CVE-2016-6633)
CVE-2016-6633
-
High
phpMyAdmin Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-6631)
CVE-2016-6631
CWE-138
High
Chamilo Improper Enforcement of Behavioral Workflow Vulnerability (CVE-2025-52469)
CVE-2025-52469
CWE-841
High
phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-6621)
CVE-2016-6621
CWE-918
High
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52482)
CVE-2025-52482
CWE-707
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6617)
CVE-2016-6617
CWE-138
High
Ruby on Rails Improper Access Control Vulnerability (CVE-2016-6317)
CVE-2016-6317
CWE-284
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6616)
CVE-2016-6616
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6611)
CVE-2016-6611
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-6609)
CVE-2016-6609
CWE-138
High
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6606)
CVE-2016-6606
CWE-200
High
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2025-52520)
CVE-2025-52520
CWE-190
High
MediaWiki Improper Access Control Vulnerability (CVE-2016-6337)
CVE-2016-6337
CWE-284
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335)
CVE-2016-6335
CWE-200
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6332)
CVE-2016-6332
CWE-200
High
MediaWiki Improper Access Control Vulnerability (CVE-2016-6331)
CVE-2016-6331
CWE-284
High
Liferay DXP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-4581)
CVE-2025-4581
CWE-918
High
Apache HTTP Server CVE-2016-8743 Vulnerability (CVE-2016-8743)
CVE-2016-8743
-
High
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-54417)
CVE-2025-54417
CWE-94
High
ReviveAdserver Improper Access Control Vulnerability (CVE-2025-48986)
CVE-2025-48986
CWE-284
High
SharePoint CVE-2017-0281 Vulnerability (CVE-2017-0281)
CVE-2017-0281
-
High
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-0254)
CVE-2017-0254
CWE-119
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249)
CVE-2017-0249
CWE-20
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247)
CVE-2017-0247
CWE-20
High
XWikiplatform CVE-2025-48063 Vulnerability (CVE-2025-48063)
CVE-2025-48063
-
High
MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-48940)
CVE-2025-48940
CWE-22
High
PHP NULL Pointer Dereference Vulnerability (CVE-2016-9934)
CVE-2016-9934
CWE-476
High
Roundcube Improper Access Control Vulnerability (CVE-2016-9920)
CVE-2016-9920
CWE-284
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-48988)
CVE-2025-48988
CWE-770
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-0362)
CVE-2017-0362
CWE-352
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-9864)
CVE-2016-9864
CWE-138
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9863)
CVE-2016-9863
CWE-20
High
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-9862)
CVE-2016-9862
CWE-94
High
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9861)
CVE-2016-9861
-
High
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2025-48989)
CVE-2025-48989
CWE-404
High
MySQL CVE-2016-9842 Vulnerability (CVE-2016-9842)
CVE-2016-9842
-
High
MySQL CVE-2016-9840 Vulnerability (CVE-2016-9840)
CVE-2016-9840
-
High
Joomla Improper Access Control Vulnerability (CVE-2016-9838)
CVE-2016-9838
CWE-284
High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)
CVE-2016-9837
CWE-264
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-0361)
CVE-2017-0361
CWE-200
High
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-0367)
CVE-2017-0367
CWE-668
High
«
1
...
34
35
36
...
196
»
