Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-3092)
CVE-2016-3092
CWE-20
High
CubeCart Insufficient Session Expiration Vulnerability (CVE-2025-59335)
CVE-2025-59335
CWE-613
High
Next.js Uncontrolled Resource Consumption Vulnerability (CVE-2025-59471)
CVE-2025-59471
CWE-400
High
Next.js Uncontrolled Resource Consumption Vulnerability (CVE-2025-59472)
CVE-2025-59472
CWE-400
High
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-59541)
CVE-2025-59541
CWE-352
High
MySQL CVE-2016-3440 Vulnerability (CVE-2016-3440)
CVE-2016-3440
-
High
MySQL CVE-2016-3477 Vulnerability (CVE-2016-3477)
CVE-2016-3477
-
High
XWikiplatform Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2025-58049)
CVE-2025-58049
CWE-212
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3948)
CVE-2016-3948
CWE-119
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4054)
CVE-2016-4054
CWE-119
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4052)
CVE-2016-4052
CWE-119
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4051)
CVE-2016-4051
CWE-119
High
Apache HTTP Server Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-58098)
CVE-2025-58098
CWE-201
High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041)
CVE-2016-4041
CWE-264
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-4040)
CVE-2016-4040
CWE-138
High
Apache Traffic Server Always-Incorrect Control Flow Implementation Vulnerability (CVE-2025-58136)
CVE-2025-58136
CWE-670
High
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-4029)
CVE-2016-4029
CWE-918
High
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-58754)
CVE-2025-58754
CWE-770
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3947)
CVE-2016-3947
CWE-119
High
SharePoint Out-of-bounds Read Vulnerability (CVE-2025-59232)
CVE-2025-59232
CWE-125
High
Piwigo Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2016-3735)
CVE-2016-3735
CWE-335
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-3734)
CVE-2016-3734
CWE-352
High
Jenkins Other Vulnerability (CVE-2016-3726)
CVE-2016-3726
-
High
TYPO3 Missing Authorization Vulnerability (CVE-2025-59017)
CVE-2025-59017
CWE-862
High
TYPO3 Missing Authorization Vulnerability (CVE-2025-59022)
CVE-2025-59022
CWE-862
High
SharePoint Use After Free Vulnerability (CVE-2025-59221)
CVE-2025-59221
CWE-416
High
SharePoint Use After Free Vulnerability (CVE-2025-59222)
CVE-2025-59222
CWE-416
High
SharePoint CVE-2025-59228 Vulnerability (CVE-2025-59228)
CVE-2025-59228
-
High
WebLogic CVE-2016-3505 Vulnerability (CVE-2016-3505)
CVE-2016-3505
-
High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001)
CVE-2019-15001
CWE-94
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18650)
CVE-2019-18650
CWE-352
High
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
CVE-2019-15225
CWE-770
High
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980)
CVE-2021-3980
CWE-359
High
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662)
CVE-2021-40662
CWE-352
High
Piwigo Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-40553)
CVE-2021-40553
CWE-138
High
SharePoint CVE-2021-40487 Vulnerability (CVE-2021-40487)
CVE-2021-40487
-
High
SharePoint CVE-2021-40482 Vulnerability (CVE-2021-40482)
CVE-2021-40482
-
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-45135)
CVE-2023-45135
CWE-116
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-40317)
CVE-2021-40317
CWE-138
High
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-45363)
CVE-2023-45363
CWE-835
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-40313)
CVE-2021-40313
CWE-138
High
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-45371)
CVE-2023-45371
CWE-770
High
ProjectSend Incorrect Authorization Vulnerability (CVE-2021-40884)
CVE-2021-40884
CWE-863
High
Jboss EAP Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)
CVE-2021-3859
CWE-668
High
Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)
CVE-2021-3859
CWE-668
High
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749)
CVE-2021-3749
CWE-400
High
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3737)
CVE-2021-3737
CWE-400
High
YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734)
CVE-2021-3734
CWE-1021
High
Jboss EAP Files or Directories Accessible to External Parties Vulnerability (CVE-2021-3717)
CVE-2021-3717
CWE-552
High
OpenSSL Out-of-bounds Read Vulnerability (CVE-2021-3712)
CVE-2021-3712
CWE-125
High
qdPM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45855)
CVE-2023-45855
CWE-22
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690)
CVE-2021-3690
CWE-400
High
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-40690)
CVE-2021-40690
CWE-200
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
CVE-2023-44487
CWE-400
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629)
CVE-2021-3629
CWE-400
High
Oracle HTTP Server Other Vulnerability (CVE-2021-41617)
CVE-2021-41617
-
High
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-42040)
CVE-2021-42040
CWE-835
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
CVE-2023-44487
CWE-400
High
Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)
CVE-2021-41824
CWE-1236
High
Jenkins CVE-2023-44487 Vulnerability (CVE-2023-44487)
CVE-2023-44487
-
High
Ruby CVE-2021-41819 Vulnerability (CVE-2021-41819)
CVE-2021-41819
-
High
Ruby Other Vulnerability (CVE-2021-41817)
CVE-2021-41817
-
High
MediaWiki Incorrect Authorization Vulnerability (CVE-2021-41801)
CVE-2021-41801
CWE-863
High
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41799)
CVE-2021-41799
CWE-770
High
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-41773)
CVE-2021-41773
CWE-22
High
Squid Improper Certificate Validation Vulnerability (CVE-2021-41611)
CVE-2021-41611
CWE-295
High
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-41079)
CVE-2021-41079
CWE-835
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-41585)
CVE-2021-41585
CWE-20
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-41524)
CVE-2021-41524
CWE-476
High
SharePoint CVE-2021-41344 Vulnerability (CVE-2021-41344)
CVE-2021-41344
-
High
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312)
CVE-2021-41312
CWE-287
High
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41307)
CVE-2021-41307
CWE-639
High
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41306)
CVE-2021-41306
CWE-639
High
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41305)
CVE-2021-41305
CWE-639
High
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-41113)
CVE-2021-41113
CWE-352
High