Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1027)
CVE-2009-1027
CWE-138
High
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1122)
CVE-2009-1122
CWE-287
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2009-1149)
CVE-2009-1149
CWE-20
High
GibbonEdu Deserialization of Untrusted Data Vulnerability (CVE-2024-24725)
CVE-2024-24725
CWE-502
High
Jboss EAP CVE-2023-3223 Vulnerability (CVE-2023-3223)
CVE-2023-3223
-
High
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-24749)
CVE-2024-24749
CWE-22
High
Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223)
CVE-2023-3223
-
High
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)
CVE-2009-1285
CWE-94
High
Oracle Database Server CVE-2009-1963 Vulnerability (CVE-2009-1963)
CVE-2009-1963
-
High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)
CVE-2023-3171
CWE-770
High
MathJax Inefficient Regular Expression Complexity Vulnerability (CVE-2023-39663)
CVE-2023-39663
CWE-1333
High
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1433)
CVE-2009-1433
CWE-138
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1499)
CVE-2009-1499
CWE-138
High
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1535)
CVE-2009-1535
CWE-287
High
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-39528)
CVE-2023-39528
CWE-22
High
LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604)
CVE-2009-1604
-
High
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1890)
CVE-2009-1890
CWE-400
High
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1891)
CVE-2009-1891
CWE-400
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2023-39456)
CVE-2023-39456
CWE-20
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39417)
CVE-2023-39417
CWE-138
High
Apache HTTP Server Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2009-1955)
CVE-2009-1955
CWE-776
High
SharePoint CVE-2025-21400 Vulnerability (CVE-2025-21400)
CVE-2025-21400
-
High
WebLogic CVE-2024-20927 Vulnerability (CVE-2024-20927)
CVE-2024-20927
-
High
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2025-21549)
CVE-2025-21549
CWE-400
High
Django Other Vulnerability (CVE-2022-41323)
CVE-2022-41323
-
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928)
CVE-2022-41928
CWE-707
High
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-41927)
CVE-2022-41927
CWE-352
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742)
CVE-2022-41742
CWE-787
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)
CVE-2022-41741
CWE-787
High
Apache HTTP Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-53020)
CVE-2025-53020
CWE-401
High
Apache HTTP Server CVE-2002-0839 Vulnerability (CVE-2002-0839)
CVE-2002-0839
-
High
Lighttpd Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-41556)
CVE-2022-41556
CWE-401
High
PostgreSQL Other Vulnerability (CVE-2002-0802)
CVE-2002-0802
-
High
Squid Out-of-bounds Read Vulnerability (CVE-2022-41318)
CVE-2022-41318
CWE-125
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931)
CVE-2022-41931
CWE-707
High
PHP Other Vulnerability (CVE-2002-0717)
CVE-2002-0717
-
High
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-29933)
CVE-2022-29933
CWE-640
High
Zope Web Application Server Other Vulnerability (CVE-2002-0688)
CVE-2002-0688
-
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
CVE-2022-2048
CWE-400
High
SharePoint CVE-2022-41062 Vulnerability (CVE-2022-41062)
CVE-2022-41062
-
High
Apache Tomcat Other Vulnerability (CVE-2002-0682)
CVE-2002-0682
-
High
Apache HTTP Server Other Vulnerability (CVE-2002-0661)
CVE-2002-0661
-
High
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2025-30762)
CVE-2025-30762
CWE-306
High
XWiki Missing Authorization Vulnerability (CVE-2022-41930)
CVE-2022-41930
CWE-862
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2025-53506)
CVE-2025-53506
CWE-400
High
SharePoint CVE-2022-41061 Vulnerability (CVE-2022-41061)
CVE-2022-41061
-
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-53836)
CVE-2025-53836
CWE-863
High
Oracle Application Server Other Vulnerability (CVE-2002-0843)
CVE-2002-0843
-
High
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0349)
CVE-1999-0349
CWE-119
High
Internet Information Services Other Vulnerability (CVE-1999-0412)
CVE-1999-0412
-
High
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
CVE-2022-29885
-
High
Oracle Application Server Other Vulnerability (CVE-2002-0842)
CVE-2002-0842
-
High
Internet Information Services Other Vulnerability (CVE-1999-0449)
CVE-1999-0449
-
High
Internet Information Services Other Vulnerability (CVE-1999-0450)
CVE-1999-0450
-
High
Internet Information Services Configuration Vulnerability (CVE-1999-0725)
CVE-1999-0725
-
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)
CVE-2022-42029
CWE-434
High
SharePoint Incorrect Conversion between Numeric Types Vulnerability (CVE-2025-53733)
CVE-2025-53733
CWE-681
High
XWiki Missing Authorization Vulnerability (CVE-2022-41937)
CVE-2022-41937
CWE-862
High
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-41936)
CVE-2022-41936
CWE-359
High
Oracle Database Server Incorrect Authorization Vulnerability (CVE-2025-30751)
CVE-2025-30751
CWE-863
High
Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-1999-0777)
CVE-1999-0777
CWE-264
High
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-0882)
CVE-2012-0882
CWE-119
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-41934)
CVE-2022-41934
CWE-116
High
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-53760)
CVE-2025-53760
CWE-918
High
Oracle HTTP Server Other Vulnerability (CVE-2007-0279)
CVE-2007-0279
-
High
Apache HTTP Server Other Vulnerability (CVE-1999-1053)
CVE-1999-1053
-
High
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2025-31650)
CVE-2025-31650
CWE-459
High
Apache HTTP Server CVE-1999-0236 Vulnerability (CVE-1999-0236)
CVE-1999-0236
-
High
Apache Traffic Server Improper Access Control Vulnerability (CVE-2025-31698)
CVE-2025-31698
CWE-284
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)
CVE-2022-3358
CWE-476
High
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)
CVE-2022-3143
CWE-203
High
Oracle Application Server Other Vulnerability (CVE-2002-0655)
CVE-2002-0655
-
High
PHP Resource Management Errors Vulnerability (CVE-2012-0830)
CVE-2012-0830
-
High
Oracle Application Server Other Vulnerability (CVE-2002-0569)
CVE-2002-0569
-
High
Drupal Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2025-31674)
CVE-2025-31674
CWE-913
High