Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Lighttpd Uncontrolled Resource Consumption Vulnerability (CVE-2022-30780) | CVE-2022-30780 | CWE-400 | High |
| MySQL Other Vulnerability (CVE-2000-0981) | CVE-2000-0981 | - | High |
| XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968) | CVE-2025-32968 | CWE-138 | High |
| Play Framework Uncontrolled Resource Consumption Vulnerability (CVE-2022-31018) | CVE-2022-31018 | CWE-400 | High |
| SharePoint Improper Authorization Vulnerability (CVE-2025-49701) | CVE-2025-49701 | CWE-285 | High |
| JBoss Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1094) | CVE-2012-1094 | CWE-200 | High |
| OpenSSL Session Fixation Vulnerability (CVE-1999-0428) | CVE-1999-0428 | CWE-384 | High |
| PHP Release of Invalid Pointer or Reference Vulnerability (CVE-2022-31625) | CVE-2022-31625 | CWE-763 | High |
| SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2025-26642) | CVE-2025-26642 | CWE-190 | High |
| Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782) | CVE-2022-45782 | CWE-338 | High |
| MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities | CVE-2012-6081 | CWE-434 | High |
| MediaWiki multiple remote vulnerabilities | CVE-2012-4378 | CWE-79 | High |
| IBM Lotus Domino web server Cross-Site Scripting vulnerabilities | CVE-2012-3302 | CWE-79 | High |
| phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-2506) | CVE-2011-2506 | CWE-94 | High |
| MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45867) | CVE-2022-45867 | CWE-22 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129) | CVE-2022-28129 | CWE-20 | High |
| Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184) | CVE-2022-47184 | - | High |
| Liferay JSON service API authentication vulnerability | - | CWE-287 | High |
| Kayako Fusion v4.51.1891 - multiple web vulnerabilities | - | CWE-79 | High |
| PostgreSQL Other Vulnerability (CVE-2012-1618) | CVE-2012-1618 | - | High |
| Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1675) | CVE-2012-1675 | CWE-264 | High |
| Oracle Database Server CVE-2011-2301 Vulnerability (CVE-2011-2301) | CVE-2011-2301 | - | High |
| Joomla! 1.7/2.5 SQL injection vulnerability | CVE-2012-1116 | CWE-89 | High |
| Oracle Database Server CVE-2011-2253 Vulnerability (CVE-2011-2253) | CVE-2011-2253 | - | High |
| SQL Injection in Symphony | CVE-2013-2559 | CWE-89 | High |
| Oracle Database Server CVE-2011-2239 Vulnerability (CVE-2011-2239) | CVE-2011-2239 | - | High |
| Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-48566) | CVE-2022-48566 | CWE-362 | High |
| Ektron CMS multiple vulnerabilities | - | CWE-434 | High |
| Ektron CMS unauthenticated code execution and Local File Read | CVE-2012-5358 | CWE-20 | High |
| GibbonEdu Session Fixation Vulnerability (CVE-2022-27305) | CVE-2022-27305 | CWE-384 | High |
| Chamilo Improper Privilege Management Vulnerability (CVE-2022-27421) | CVE-2022-27421 | CWE-269 | High |
| Gallery 3.0.4 remote code execution | - | CWE-20 | High |
| Horde/IMP Plesk webmail exploit | - | CWE-20 | High |
| Oracle Database Server Other Vulnerability (CVE-2002-1767) | CVE-2002-1767 | - | High |
| Invision Power Board version 3.3.4 unserialize PHP code execution | CVE-2012-5692 | CWE-20 | High |
| Python Use After Free Vulnerability (CVE-2022-48560) | CVE-2022-48560 | CWE-416 | High |
| jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285) | CVE-2022-48285 | CWE-22 | High |
| Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426) | CVE-2022-27426 | CWE-918 | High |
| Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427) | CVE-2022-27427 | CWE-94 | High |
| Joomla! 1.6.0 SQL injection vulnerability | CVE-2011-1151 | CWE-89 | High |
| Roundcube security updates 0.8.6 and 0.7.3 | CVE-2013-1904 | CWE-22 | High |
| vBSEO 3.6.0 PHP code injection | CVE-2012-5223 | CWE-94 | High |
| MySQL Other Vulnerability (CVE-2002-1809) | CVE-2002-1809 | - | High |
| Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-45061) | CVE-2022-45061 | CWE-400 | High |
| Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739) | CVE-2022-28739 | CWE-125 | High |
| phpThumb() fltr[] parameter command injection vulnerability | CVE-2010-1598 | CWE-20 | High |
| Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1225) | CVE-2012-1225 | CWE-138 | High |
| PostgreSQL Other Vulnerability (CVE-2002-1642) | CVE-2002-1642 | - | High |
| VMware directory traversal and privilege escalation vulnerabilities | CVE-2009-3733 | CWE-22 | High |
| Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-29087) | CVE-2025-29087 | CWE-190 | High |
| OpenX arbitrary file upload | CVE-2009-4140 | CWE-434 | High |
| PleskLin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1557) | CVE-2012-1557 | CWE-138 | High |
| Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45020) | CVE-2022-45020 | CWE-707 | High |
| Nginx PHP code execution via FastCGI | - | CWE-94 | High |
| Apache Struts2 Remote Command Execution (S2-048) | CVE-2017-9791 | CWE-94 | High |
| Apache Struts2 Remote Command Execution (S2-052) | CVE-2017-9805 | CWE-94 | High |
| Deserialization of Untrusted Data (Java JSON Deserialization) Jackson | CVE-2017-7525 | CWE-502 | High |
| Drupal Incorrect Authorization Vulnerability (CVE-2011-2726) | CVE-2011-2726 | CWE-863 | High |
| PleskWin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1557) | CVE-2012-1557 | CWE-138 | High |
| SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-27747) | CVE-2025-27747 | CWE-822 | High |
| vBulletin 4 (up to 4.1.2) search.php SQL injection | - | CWE-89 | High |
| Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598) | CVE-2012-1598 | CWE-264 | High |
| Plone CMS CVE-2011-2528 Vulnerability (CVE-2011-2528) | CVE-2011-2528 | - | High |
| Zope Web Application Server CVE-2011-2528 Vulnerability (CVE-2011-2528) | CVE-2011-2528 | - | High |
| WordPress W3 Total Cache plugin predictable cache filenames | CVE-2012-6079 | CWE-200 | High |
| WordPress caching plugins PHP code execution | CVE-2013-2010 | CWE-95 | High |
| MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203) | CVE-2022-28203 | CWE-763 | High |
| MediaWiki CVE-2022-28204 Vulnerability (CVE-2022-28204) | CVE-2022-28204 | - | High |
| MediaWiki CVE-2022-28323 Vulnerability (CVE-2022-28323) | CVE-2022-28323 | - | High |
| Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562) | CVE-2012-1562 | CWE-330 | High |
| TinyMCE ajax_create_folder remote code execution vulnerability | - | CWE-94 | High |
| Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2022-45143) | CVE-2022-45143 | CWE-116 | High |
| Uploadify arbitrary file upload | - | CWE-434 | High |
| Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2687) | CVE-2011-2687 | CWE-264 | High |
| Payara Files or Directories Accessible to External Parties Vulnerability (CVE-2022-45129) | CVE-2022-45129 | CWE-552 | High |