🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Mailman Other Vulnerability (CVE-2002-0388)
CVE-2002-0388
-
High
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-42033)
CVE-2026-42033
CWE-1321
High
Apache HTTP Server CVE-2002-0392 Vulnerability (CVE-2002-0392)
CVE-2002-0392
-
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-41284)
CVE-2026-41284
CWE-770
High
PHP Numeric Errors Vulnerability (CVE-2011-1092)
CVE-2011-1092
-
High
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)
CVE-2002-0493
-
High
Squid Other Vulnerability (CVE-2024-25617)
CVE-2024-25617
-
High
Oracle Database Server Other Vulnerability (CVE-2002-0567)
CVE-2002-0567
-
High
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25978)
CVE-2024-25978
CWE-770
High
Oracle Application Server Other Vulnerability (CVE-2002-0561)
CVE-2002-0561
-
High
math.js Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2026-41139)
CVE-2026-41139
CWE-915
High
math.js Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2026-40897)
CVE-2026-40897
CWE-915
High
Oracle Application Server Other Vulnerability (CVE-2002-0564)
CVE-2002-0564
-
High
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-40384)
CVE-2026-40384
CWE-22
High
SharePoint CVE-2024-30100 Vulnerability (CVE-2024-30100)
CVE-2024-30100
-
High
Contao Insufficient Session Expiration Vulnerability (CVE-2024-30262)
CVE-2024-30262
CWE-613
High
Apache HTTP Server Other Vulnerability (CVE-2004-0885)
CVE-2004-0885
-
High
Chamilo Improper Privilege Management Vulnerability (CVE-2026-33706)
CVE-2026-33706
CWE-269
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2004-0079)
CVE-2004-0079
CWE-476
High
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2003-1599)
CVE-2003-1599
CWE-94
High
Grafana Improper Access Control Vulnerability (CVE-2026-33381)
CVE-2026-33381
CWE-284
High
Envoy Proxy Other Vulnerability (CVE-2024-34363)
CVE-2024-34363
-
High
Squid Use After Free Vulnerability (CVE-2026-33526)
CVE-2026-33526
CWE-416
High
phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2003-1530)
CVE-2003-1530
CWE-138
High
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641)
CVE-2010-4641
CWE-138
High
Next.js Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-34351)
CVE-2024-34351
CWE-918
High
PHP Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2010-4657)
CVE-2010-4657
CWE-772
High
Oracle JRE Improper Certificate Validation Vulnerability (CVE-2003-1229)
CVE-2003-1229
CWE-295
High
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-33702)
CVE-2026-33702
CWE-639
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2026-33704)
CVE-2026-33704
CWE-434
High
Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-34350)
CVE-2024-34350
-
High
Apache HTTP Server Other Vulnerability (CVE-2003-0993)
CVE-2003-0993
-
High
Apache HTTP Server Other Vulnerability (CVE-2003-0987)
CVE-2003-0987
-
High
Grafana Insecure Default Initialization of Resource Vulnerability (CVE-2026-33376)
CVE-2026-33376
CWE-1188
High
PostgreSQL Other Vulnerability (CVE-2003-0901)
CVE-2003-0901
-
High
PHP Other Vulnerability (CVE-2003-0863)
CVE-2003-0863
-
High
Chamilo Use of Insufficiently Random Values Vulnerability (CVE-2026-33710)
CVE-2026-33710
CWE-330
High
Werkzeug WSGI Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34069)
CVE-2024-34069
CWE-352
High
EspoCRM Relative Path Traversal Vulnerability (CVE-2026-33733)
CVE-2026-33733
CWE-23
High
Moodle CVE-2024-34009 Vulnerability (CVE-2024-34009)
CVE-2024-34009
-
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4696)
CVE-2010-4696
CWE-138
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34008)
CVE-2024-34008
CWE-352
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34007)
CVE-2024-34007
CWE-352
High
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0542)
CVE-2003-0542
CWE-119
High
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33938)
CVE-2026-33938
CWE-94
High
Handlebars Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-33939)
CVE-2026-33939
CWE-754
High
PHP Other Vulnerability (CVE-2003-0249)
CVE-2003-0249
-
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34001)
CVE-2024-34001
CWE-352
High
Grafana Improper Authentication Vulnerability (CVE-2026-33377)
CVE-2026-33377
CWE-287
High
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2025-55753)
CVE-2025-55753
CWE-190
High
Microsoft SQL Server Other Vulnerability (CVE-2003-0232)
CVE-2003-0232
-
High
Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36694)
CVE-2024-36694
CWE-94
High
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901)
CVE-2024-37901
CWE-94
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-33034)
CVE-2026-33034
CWE-770
High
MySQL Other Vulnerability (CVE-2004-0835)
CVE-2004-0835
-
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899)
CVE-2024-37899
CWE-94
High
Apache HTTP Server Other Vulnerability (CVE-2004-0811)
CVE-2004-0811
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-33110)
CVE-2026-33110
CWE-502
High
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-3864)
CVE-2010-3864
CWE-362
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-33112)
CVE-2026-33112
CWE-502
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37821)
CVE-2024-37821
CWE-94
High
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0747)
CVE-2004-0747
CWE-131
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4166)
CVE-2010-4166
CWE-138
High
mod_ssl Other Vulnerability (CVE-2004-0700)
CVE-2004-0700
-
High
Craft CMS Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2026-33157)
CVE-2026-33157
CWE-470
High
Apache HTTP Server Improper Locking Vulnerability (CVE-2004-0174)
CVE-2004-0174
CWE-667
High
Ruby on Rails Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-33174)
CVE-2026-33174
CWE-789
High
Internet Information Services Other Vulnerability (CVE-2004-0205)
CVE-2004-0205
-
High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33176)
CVE-2026-33176
CWE-400
High
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)
CVE-2010-4558
CWE-94
High
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34469)
CVE-2024-34469
CWE-707
High
MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-34506)
CVE-2024-34506
CWE-400
High
MediaWiki Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-34507)
CVE-2024-34507
CWE-707
High
«
1
...
56
57
58
...
200
»