🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
CVE-2016-9268
CWE-434
High
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9456)
CVE-2016-9456
CWE-352
High
SharePoint CVE-2020-1448 Vulnerability (CVE-2020-1448)
CVE-2020-1448
-
High
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)
CVE-2019-10210
CWE-20
High
Python URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-28861)
CVE-2021-28861
CWE-601
High
Ruby Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-28965)
CVE-2021-28965
CWE-611
High
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28966)
CVE-2021-28966
CWE-22
High
ownCloud Improper Authentication Vulnerability (CVE-2016-9463)
CVE-2016-9463
CWE-287
High
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)
CVE-2016-9455
CWE-352
High
SharePoint CVE-2020-1446 Vulnerability (CVE-2020-1446)
CVE-2020-1446
-
High
Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450)
CVE-2016-9450
CWE-345
High
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9418)
CVE-2016-9418
CWE-200
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9417)
CVE-2016-9417
CWE-918
High
SharePoint CVE-2020-1447 Vulnerability (CVE-2020-1447)
CVE-2020-1447
-
High
MyBB Improper Access Control Vulnerability (CVE-2016-9415)
CVE-2016-9415
CWE-284
High
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414)
CVE-2016-9414
CWE-200
High
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)
CVE-2021-29047
CWE-287
High
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)
CVE-2019-10946
CWE-306
High
Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9187)
CVE-2016-9187
CWE-434
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10208)
CVE-2019-10208
CWE-138
High
SharePoint CVE-2020-1178 Vulnerability (CVE-2020-1178)
CVE-2020-1178
-
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)
CVE-2016-8657
CWE-264
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)
CVE-2016-8656
CWE-264
High
IBM RTC Improper Privilege Management Vulnerability (CVE-2021-29774)
CVE-2021-29774
CWE-269
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
CVE-2016-8610
CWE-400
High
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
CVE-2016-8610
CWE-400
High
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
CVE-2016-8610
CWE-400
High
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600)
CVE-2016-8600
CWE-264
High
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740)
CVE-2016-8740
-
High
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-29844)
CVE-2021-29844
CWE-918
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919)
CVE-2016-7919
CWE-138
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)
CVE-2016-7902
CWE-434
High
WebLogic CVE-2021-2018 Vulnerability (CVE-2021-2018)
CVE-2021-2018
-
High
Dolibarr CVE-2019-11200 Vulnerability (CVE-2019-11200)
CVE-2019-11200
-
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-11201)
CVE-2019-11201
CWE-94
High
SharePoint CVE-2020-1181 Vulnerability (CVE-2020-1181)
CVE-2020-1181
-
High
Apache HTTP Server CVE-2016-8743 Vulnerability (CVE-2016-8743)
CVE-2016-8743
-
High
Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186)
CVE-2016-9186
CWE-434
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907)
CVE-2016-8907
CWE-138
High
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1200)
CVE-2020-1200
CWE-494
High
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127)
CVE-2016-9127
CWE-352
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)
CVE-2019-11041
CWE-125
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11042)
CVE-2019-11042
CWE-125
High
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)
CVE-2016-9014
CWE-264
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908)
CVE-2016-8908
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906)
CVE-2016-8906
CWE-138
High
Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)
CVE-2016-8745
-
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905)
CVE-2016-8905
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904)
CVE-2016-8904
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903)
CVE-2016-8903
CWE-138
High
PHP Other Vulnerability (CVE-2019-11044)
CVE-2019-11044
-
High
Joomla Improper Input Validation Vulnerability (CVE-2016-8870)
CVE-2016-8870
CWE-20
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11046)
CVE-2019-11046
CWE-125
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747)
CVE-2016-8747
CWE-200
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)
CVE-2021-28683
CWE-476
High
Envoy Proxy Integer Overflow or Wraparound Vulnerability (CVE-2021-28682)
CVE-2021-28682
CWE-190
High
PHP Other Vulnerability (CVE-2016-7478)
CVE-2016-7478
-
High
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2019-10097)
CVE-2019-10097
CWE-476
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)
CVE-2019-10086
CWE-502
High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)
CVE-2019-10086
CWE-502
High
RubyGems Origin Validation Error Vulnerability (CVE-2017-0902)
CVE-2017-0902
CWE-346
High
RubyGems Improper Input Validation Vulnerability (CVE-2017-0901)
CVE-2017-0901
CWE-20
High
RubyGems Improper Input Validation Vulnerability (CVE-2017-0900)
CVE-2017-0900
CWE-20
High
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)
CVE-2019-10097
CWE-787
High
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10127)
CVE-2019-10127
CWE-284
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000014)
CVE-2017-1000014
CWE-20
High
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10128)
CVE-2019-10128
CWE-284
High
SharePoint CVE-2020-1460 Vulnerability (CVE-2020-1460)
CVE-2020-1460
-
High
MediaWiki CVE-2017-0371 Vulnerability (CVE-2017-0371)
CVE-2017-0371
-
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27973)
CVE-2021-27973
CWE-138
High
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-0367)
CVE-2017-0367
CWE-668
High
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1453)
CVE-2020-1453
CWE-494
High
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)
CVE-2021-27962
CWE-732
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000016)
CVE-2017-1000016
CWE-20
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-0362)
CVE-2017-0362
CWE-352
High
«
1
...
47
48
49
...
200
»