🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
SharePoint CVE-2024-38228 Vulnerability (CVE-2024-38228)
CVE-2024-38228
-
High
SharePoint CVE-2024-38227 Vulnerability (CVE-2024-38227)
CVE-2024-38227
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38094)
CVE-2024-38094
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38024)
CVE-2024-38024
CWE-502
High
GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-38524)
CVE-2024-38524
CWE-200
High
LimeSurvey Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-39063)
CVE-2024-39063
CWE-352
High
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40748)
CVE-2024-40748
CWE-707
High
Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-31019)
CVE-2026-31019
CWE-138
High
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3055)
CVE-2010-3055
CWE-264
High
Moodle Other Vulnerability (CVE-2004-2232)
CVE-2004-2232
-
High
MediaWiki Other Vulnerability (CVE-2004-2186)
CVE-2004-2186
-
High
Caddy Web Server Improper Authentication Vulnerability (CVE-2026-30851)
CVE-2026-30851
CWE-287
High
Caddy Web Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2026-30852)
CVE-2026-30852
CWE-138
High
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-30875)
CVE-2026-30875
CWE-94
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-40597)
CVE-2024-40597
CWE-200
High
e107 Other Vulnerability (CVE-2004-2042)
CVE-2004-2042
-
High
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465)
CVE-2024-40465
CWE-327
High
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)
CVE-2024-40464
CWE-295
High
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-30881)
CVE-2026-30881
CWE-138
High
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-3419)
CVE-2010-3419
CWE-94
High
MongoDb Improper Input Validation Vulnerability (CVE-2024-3372)
CVE-2024-3372
CWE-20
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-31018)
CVE-2026-31018
CWE-94
High
LiteSpeed Web Server Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-31386)
CVE-2026-31386
CWE-138
High
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2026-31958)
CVE-2026-31958
CWE-400
High
Next.js Uncontrolled Resource Consumption Vulnerability (CVE-2024-39693)
CVE-2024-39693
CWE-400
High
TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668)
CVE-2010-3668
CWE-138
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
CVE-2024-39338
CWE-918
High
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2024-39573)
CVE-2024-39573
CWE-20
High
Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-39614)
CVE-2024-39614
CWE-130
High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)
CVE-2010-3663
CWE-434
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662)
CVE-2010-3662
CWE-138
High
Chamilo Session Fixation Vulnerability (CVE-2026-31940)
CVE-2026-31940
CWE-384
High
OpenSSL Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-31790)
CVE-2026-31790
CWE-754
High
Chamilo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-31939)
CVE-2026-31939
CWE-22
High
Craft CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-31858)
CVE-2026-31858
CWE-138
High
Oracle Application Server Other Vulnerability (CVE-2004-1707)
CVE-2004-1707
-
High
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-31857)
CVE-2026-31857
CWE-94
High
Oracle Application Server Other Vulnerability (CVE-2004-1774)
CVE-2004-1774
-
High
Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)
CVE-2010-3600
-
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1615)
CVE-2010-1615
CWE-138
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2026-28389)
CVE-2026-28389
CWE-476
High
SharePoint CVE-2024-38018 Vulnerability (CVE-2024-38018)
CVE-2024-38018
-
High
Envoy Proxy Use After Free Vulnerability (CVE-2026-26330)
CVE-2026-26330
CWE-416
High
phpMyFAQ Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-56199)
CVE-2024-56199
CWE-707
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084)
CVE-2009-4084
CWE-138
High
Moodle Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-26046)
CVE-2026-26046
CWE-138
High
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55924)
CVE-2024-55924
CWE-352
High
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55921)
CVE-2024-55921
CWE-749
High
SharePoint CVE-2026-26106 Vulnerability (CVE-2026-26106)
CVE-2026-26106
-
High
SharePoint Other Vulnerability (CVE-2026-26113)
CVE-2026-26113
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-26114)
CVE-2026-26114
CWE-502
High
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2026-26308)
CVE-2026-26308
CWE-863
High
Moodle Credentials Management Errors Vulnerability (CVE-2009-4304)
CVE-2009-4304
-
High
Envoy Proxy CVE-2026-26310 Vulnerability (CVE-2026-26310)
CVE-2026-26310
-
High
phpMyFAQ User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2024-55889)
CVE-2024-55889
CWE-451
High
ZenCart Other Vulnerability (CVE-2009-4323)
CVE-2009-4323
-
High
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-55885)
CVE-2024-55885
CWE-327
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55879)
CVE-2024-55879
CWE-862
High
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4060)
CVE-2009-4060
CWE-138
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877)
CVE-2024-55877
CWE-94
High
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-27099)
CVE-2026-27099
CWE-707
High
Trac CVE-2009-4405 Vulnerability (CVE-2009-4405)
CVE-2009-4405
-
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662)
CVE-2024-55662
CWE-863
High
MySQL Out-of-bounds Write Vulnerability (CVE-2009-4484)
CVE-2009-4484
CWE-787
High
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)
CVE-2005-2946
CWE-327
High
Drupal Improper Handling of Case Sensitivity Vulnerability (CVE-2024-55634)
CVE-2024-55634
CWE-178
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-53907)
CVE-2024-53907
CWE-770
High
WordPress Other Vulnerability (CVE-2005-2612)
CVE-2005-2612
-
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4566)
CVE-2009-4566
CWE-138
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-53868)
CVE-2024-53868
-
High
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2024-53271)
CVE-2024-53271
CWE-670
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-53270)
CVE-2024-53270
CWE-476
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855)
CVE-2009-4855
CWE-138
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-26045)
CVE-2026-26045
CWE-94
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4045)
CVE-2009-4045
CWE-138
High
«
1
...
52
53
54
...
200
»