Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-62519)
CVE-2025-62519
CWE-138
High
SharePoint Use After Free Vulnerability (CVE-2025-62562)
CVE-2025-62562
CWE-416
High
Piwigo Improper Access Control Vulnerability (CVE-2016-10085)
CVE-2016-10085
CWE-284
High
Piwigo Improper Access Control Vulnerability (CVE-2016-10084)
CVE-2016-10084
CWE-284
High
SharePoint Use After Free Vulnerability (CVE-2025-62555)
CVE-2025-62555
CWE-416
High
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10073)
CVE-2016-10073
CWE-200
High
SharePoint Use After Free Vulnerability (CVE-2025-62558)
CVE-2025-62558
CWE-416
High
SharePoint Use After Free Vulnerability (CVE-2025-62559)
CVE-2025-62559
CWE-416
High
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10039)
CVE-2016-10039
CWE-22
High
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10038)
CVE-2016-10038
CWE-22
High
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10037)
CVE-2016-10037
CWE-22
High
Squid Improper Input Validation Vulnerability (CVE-2016-2570)
CVE-2016-2570
CWE-20
High
Squid Improper Input Validation Vulnerability (CVE-2016-2572)
CVE-2016-2572
CWE-20
High
Envoy Proxy Use After Free Vulnerability (CVE-2025-54588)
CVE-2025-54588
CWE-416
High
XWikiplatform CVE-2025-55749 Vulnerability (CVE-2025-55749)
CVE-2025-55749
-
High
CakePHP Improper Input Validation Vulnerability (CVE-2016-4793)
CVE-2016-4793
CWE-20
High
Squid Other Vulnerability (CVE-2016-4556)
CVE-2016-4556
-
High
Squid Improper Input Validation Vulnerability (CVE-2016-4555)
CVE-2016-4555
CWE-20
High
Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4554)
CVE-2016-4554
CWE-345
High
Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4553)
CVE-2016-4553
CWE-345
High
React Deserialization of Untrusted Data Vulnerability (CVE-2025-55184)
CVE-2025-55184
CWE-502
High
Next.js Deserialization of Untrusted Data Vulnerability (CVE-2025-55184)
CVE-2025-55184
CWE-502
High
XWikiplatform Relative Path Traversal Vulnerability (CVE-2025-55748)
CVE-2025-55748
CWE-23
High
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2025-55753)
CVE-2025-55753
CWE-190
High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-4978)
CVE-2016-4978
CWE-502
High
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4472)
CVE-2016-4472
CWE-119
High
Nginx Other Vulnerability (CVE-2016-4450)
CVE-2016-4450
-
High
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-56421)
CVE-2025-56421
CWE-138
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-56588)
CVE-2025-56588
CWE-94
High
PHP Other Vulnerability (CVE-2016-4343)
CVE-2016-4343
-
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4342)
CVE-2016-4342
CWE-119
High
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-4319)
CVE-2016-4319
CWE-352
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2025-57811)
CVE-2025-57811
CWE-138
High
Next.js Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-57822)
CVE-2025-57822
CWE-918
High
Dot CMS Other Vulnerability (CVE-2016-4803)
CVE-2016-4803
-
High
Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979)
CVE-2016-4979
CWE-284
High
PHP Numeric Errors Vulnerability (CVE-2016-4070)
CVE-2016-4070
-
High
Apache Traffic Server Resource Management Errors Vulnerability (CVE-2016-5396)
CVE-2016-5396
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-54897)
CVE-2025-54897
CWE-502
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-54905)
CVE-2025-54905
CWE-822
High
SharePoint Other Vulnerability (CVE-2025-54906)
CVE-2025-54906
-
High
GlassFish CVE-2016-5519 Vulnerability (CVE-2016-5519)
CVE-2016-5519
-
High
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-5424)
CVE-2016-5424
CWE-94
High
PostgreSQL NULL Pointer Dereference Vulnerability (CVE-2016-5423)
CVE-2016-5423
CWE-476
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)
CVE-2016-5406
CWE-264
High
PHP Out-of-bounds Write Vulnerability (CVE-2016-5399)
CVE-2016-5399
CWE-787
High
Apache Tomcat Improper Access Control Vulnerability (CVE-2016-5388)
CVE-2016-5388
CWE-284
High
Envoy Proxy Insufficient Session Expiration Vulnerability (CVE-2025-55162)
CVE-2025-55162
CWE-613
High
Apache HTTP Server CVE-2016-5387 Vulnerability (CVE-2016-5387)
CVE-2016-5387
-
High
PHP Improper Access Control Vulnerability (CVE-2016-5385)
CVE-2016-5385
CWE-284
High
Drupal Improper Access Control Vulnerability (CVE-2016-5385)
CVE-2016-5385
CWE-284
High
LiteSpeed Web Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-54939)
CVE-2025-54939
CWE-401
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5096)
CVE-2016-5096
CWE-190
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5095)
CVE-2016-5095
CWE-190
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5094)
CVE-2016-5094
CWE-190
High
PHP Out-of-bounds Read Vulnerability (CVE-2016-5093)
CVE-2016-5093
CWE-125
High
TYPO3 7PK - Security Features Vulnerability (CVE-2016-5091)
CVE-2016-5091
-
High
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-57833)
CVE-2025-57833
CWE-138
High
Roundcube Cross-site Request Forgery (CSRF) Vulnerability (CVE-2016-4069)
CVE-2016-4069
-
High
IBM WebSEAL 7PK - Security Features Vulnerability (CVE-2016-3025)
CVE-2016-3025
-
High
Drupal Improper Access Control Vulnerability (CVE-2016-3162)
CVE-2016-3162
CWE-284
High
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3282)
CVE-2016-3282
CWE-119
High
PHP Improper Input Validation Vulnerability (CVE-2016-3185)
CVE-2016-3185
CWE-20
High
Drupal Data Processing Errors Vulnerability (CVE-2016-3171)
CVE-2016-3171
-
High
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169)
CVE-2016-3169
CWE-264
High
Drupal Other Vulnerability (CVE-2016-3167)
CVE-2016-3167
-
High
Drupal Improper Access Control Vulnerability (CVE-2016-3165)
CVE-2016-3165
CWE-284
High
Drupal Other Vulnerability (CVE-2016-3164)
CVE-2016-3164
-
High
Drupal 7PK - Security Features Vulnerability (CVE-2016-3163)
CVE-2016-3163
-
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3142)
CVE-2016-3142
CWE-119
High
MySQL CVE-2016-3471 Vulnerability (CVE-2016-3471)
CVE-2016-3471
-
High
SharePoint Out-of-bounds Read Vulnerability (CVE-2025-59235)
CVE-2025-59235
CWE-125
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-59237)
CVE-2025-59237
CWE-502
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2016-3110)
CVE-2016-3110
CWE-20
High
MongoDb Uncontrolled Resource Consumption Vulnerability (CVE-2016-3104)
CVE-2016-3104
CWE-400
High