Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
MySQL CVE-2024-21238 Vulnerability (CVE-2024-21238)
CVE-2024-21238
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15696)
CVE-2020-15696
CWE-707
Medium
MySQL CVE-2024-21203 Vulnerability (CVE-2024-21203)
CVE-2024-21203
-
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15695)
CVE-2020-15695
CWE-352
Medium
MySQL CVE-2024-21201 Vulnerability (CVE-2024-21201)
CVE-2024-21201
-
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15562)
CVE-2020-15562
CWE-707
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)
CVE-2024-25979
-
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13596)
CVE-2020-13596
CWE-707
Medium
Next.js Missing Origin Validation in WebSockets Vulnerability (CVE-2025-48068)
CVE-2025-48068
-
Medium
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15400)
CVE-2020-15400
CWE-352
Medium
MySQL CVE-2024-21241 Vulnerability (CVE-2024-21241)
CVE-2024-21241
-
Medium
Contao Improper Privilege Management Vulnerability (CVE-2025-57759)
CVE-2025-57759
CWE-269
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16107)
CVE-2019-16107
CWE-352
Medium
Contao Improper Access Control Vulnerability (CVE-2025-57758)
CVE-2025-57758
CWE-284
Medium
Sqlite CVE-2020-13631 Vulnerability (CVE-2020-13631)
CVE-2020-13631
-
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
MySQL CVE-2024-21262 Vulnerability (CVE-2024-21262)
CVE-2024-21262
-
Medium
Oracle Database Server CVE-2024-21233 Vulnerability (CVE-2024-21233)
CVE-2024-21233
-
Medium
Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-15697)
CVE-2020-15697
CWE-732
Medium
MyBB Exposure of Sensitive Information Through Metadata Vulnerability (CVE-2025-48941)
CVE-2025-48941
CWE-1230
Medium
MySQL CVE-2024-21207 Vulnerability (CVE-2024-21207)
CVE-2024-21207
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
MySQL CVE-2024-21218 Vulnerability (CVE-2024-21218)
CVE-2024-21218
-
Medium
MySQL CVE-2024-21213 Vulnerability (CVE-2024-21213)
CVE-2024-21213
-
Medium
MySQL CVE-2024-21212 Vulnerability (CVE-2024-21212)
CVE-2024-21212
-
Medium
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13435)
CVE-2020-13435
CWE-476
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700)
CVE-2020-15700
CWE-352
Medium
Joomla Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-15699)
CVE-2020-15699
CWE-345
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
TYPO3 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-47936)
CVE-2025-47936
CWE-918
Medium
TYPO3 Incorrect Authorization Vulnerability (CVE-2025-47937)
CVE-2025-47937
CWE-863
Medium
Moodle CVE-2024-25980 Vulnerability (CVE-2024-25980)
CVE-2024-25980
-
Medium
Liferay Portal CVE-2020-13444 Vulnerability (CVE-2020-13444)
CVE-2020-13444
-
Medium
Ruby on Rails CVE-2024-26144 Vulnerability (CVE-2024-26144)
CVE-2024-26144
-
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)
CVE-2024-26143
CWE-707
Medium
Sqlite Uncontrolled Recursion Vulnerability (CVE-2019-19645)
CVE-2019-19645
CWE-674
Medium
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-47939)
CVE-2025-47939
CWE-434
Medium
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-26129)
CVE-2024-26129
CWE-22
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-25983)
CVE-2024-25983
CWE-639
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15698)
CVE-2020-15698
CWE-200
Medium
MySQL CVE-2024-21204 Vulnerability (CVE-2024-21204)
CVE-2024-21204
-
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17223)
CVE-2019-17223
CWE-707
Medium
Moodle CVE-2024-25981 Vulnerability (CVE-2024-25981)
CVE-2024-25981
-
Medium
MySQL CVE-2024-21230 Vulnerability (CVE-2024-21230)
CVE-2024-21230
-
Medium
MySQL CVE-2024-21200 Vulnerability (CVE-2024-21200)
CVE-2024-21200
-
Medium
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13632)
CVE-2020-13632
CWE-476
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
MySQL CVE-2024-20971 Vulnerability (CVE-2024-20971)
CVE-2024-20971
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25603)
CVE-2024-25603
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25602)
CVE-2024-25602
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13669)
CVE-2020-13669
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25602)
CVE-2024-25602
CWE-707
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241)
CVE-2020-15241
CWE-601
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)
CVE-2024-25601
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)
CVE-2024-25601
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)
CVE-2024-25152
CWE-707
Medium
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15171)
CVE-2020-15171
CWE-138
Medium
MySQL CVE-2020-14794 Vulnerability (CVE-2020-14794)
CVE-2020-14794
-
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16173)
CVE-2019-16173
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)
CVE-2024-25152
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13668)
CVE-2020-13668
CWE-707
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15162)
CVE-2020-15162
CWE-707
Medium
Apache HTTP Server Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2024-24795)
CVE-2024-24795
CWE-707
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499)
CVE-2019-19499
CWE-200
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15161)
CVE-2020-15161
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25151)
CVE-2024-25151
CWE-707
Medium
MySQL CVE-2024-20973 Vulnerability (CVE-2024-20973)
CVE-2024-20973
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25151)
CVE-2024-25151
CWE-707
Medium
«
1
...
66
67
68
...
181
»
