Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)
CVE-2007-6619
CWE-264
High
Apache HTTP Server Other Vulnerability (CVE-2004-2343)
CVE-2004-2343
-
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6666)
CVE-2007-6666
CWE-138
High
Apache HTTP Server CVE-2002-0839 Vulnerability (CVE-2002-0839)
CVE-2002-0839
-
High
PostgreSQL Other Vulnerability (CVE-2002-0802)
CVE-2002-0802
-
High
PHP Other Vulnerability (CVE-2002-0717)
CVE-2002-0717
-
High
Zope Web Application Server Other Vulnerability (CVE-2002-0688)
CVE-2002-0688
-
High
Apache Tomcat Other Vulnerability (CVE-2002-0682)
CVE-2002-0682
-
High
Apache HTTP Server Other Vulnerability (CVE-2002-0661)
CVE-2002-0661
-
High
PHP Numeric Errors Vulnerability (CVE-2012-2386)
CVE-2012-2386
-
High
phpMyAdmin Other Vulnerability (CVE-2004-2631)
CVE-2004-2631
-
High
Oracle HTTP Server Other Vulnerability (CVE-2002-0656)
CVE-2002-0656
-
High
Oracle Application Server Other Vulnerability (CVE-2002-0656)
CVE-2002-0656
-
High
OpenSSL Other Vulnerability (CVE-2002-0656)
CVE-2002-0656
-
High
OpenSSL Other Vulnerability (CVE-2002-0655)
CVE-2002-0655
-
High
Oracle HTTP Server Other Vulnerability (CVE-2002-0655)
CVE-2002-0655
-
High
phpMyAdmin Other Vulnerability (CVE-2004-2630)
CVE-2004-2630
-
High
Oracle Application Server Other Vulnerability (CVE-2002-0655)
CVE-2002-0655
-
High
MongoDB $where operator JavaScript injection
-
CWE-943
High
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)
CVE-2025-31125
CWE-200
High
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1890)
CVE-2009-1890
CWE-400
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6124)
CVE-2008-6124
CWE-138
High
IBM Lotus Domino web server Cross-Site Scripting vulnerabilities
CVE-2012-3302
CWE-79
High
lighttpd v1.4.34 SQL injection and path traversal
CVE-2014-2324
CWE-89
High
Liferay JSON service API authentication vulnerability
-
CWE-287
High
Oracle JRE CVE-2013-2445 Vulnerability (CVE-2013-2445)
CVE-2013-2445
-
High
Kayako Fusion v4.51.1891 - multiple web vulnerabilities
-
CWE-79
High
Drupal Other Vulnerability (CVE-2006-2742)
CVE-2006-2742
-
High
Joomla! 1.7/2.5 SQL injection vulnerability
CVE-2012-1116
CWE-89
High
WordPress Other Vulnerability (CVE-2007-0262)
CVE-2007-0262
-
High
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070)
CVE-2023-49070
CWE-502
High
Odoo LFI (CVE-2019-14322)
CVE-2019-14322
CWE-22
High
Oracle JRE CVE-2013-2442 Vulnerability (CVE-2013-2442)
CVE-2013-2442
-
High
phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)
CVE-2008-6178
CWE-94
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0046)
CVE-2012-0046
CWE-200
High
Joomla! 1.6.0 SQL injection vulnerability
CVE-2011-1151
CWE-89
High
WordPress Other Vulnerability (CVE-2007-0233)
CVE-2007-0233
-
High
WordPress Other Vulnerability (CVE-2006-2667)
CVE-2006-2667
-
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5946)
CVE-2008-5946
CWE-138
High
Joomla! 1.6/1.7/2.5 privilege escalation vulnerability
CVE-2012-1563
CWE-269
High
Invision Power Board version 3.3.4 unserialize PHP code execution
CVE-2012-5692
CWE-20
High
Oracle JRE CVE-2013-2430 Vulnerability (CVE-2013-2430)
CVE-2013-2430
-
High
Oracle JRE CVE-2013-2429 Vulnerability (CVE-2013-2429)
CVE-2013-2429
-
High
PHP Configuration Vulnerability (CVE-2008-5844)
CVE-2008-5844
-
High
WordPress Improper Input Validation Vulnerability (CVE-2008-5695)
CVE-2008-5695
CWE-20
High
Horde/IMP Plesk webmail exploit
-
CWE-20
High
Gallery 3.0.4 remote code execution
-
CWE-20
High
Elasticsearch remote code execution
CVE-2014-3120
CWE-78
High
Joomla Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-5671)
CVE-2008-5671
CWE-94
High
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5665)
CVE-2008-5665
CWE-138
High
MediaWiki multiple remote vulnerabilities
CVE-2012-4378
CWE-79
High
MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities
CVE-2012-6081
CWE-434
High
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-5658)
CVE-2008-5658
CWE-22
High
SQL Injection in Symphony
CVE-2013-2559
CWE-89
High
Oracle JRE CVE-2013-2461 Vulnerability (CVE-2013-2461)
CVE-2013-2461
-
High
vBulletin 4 (up to 4.1.2) search.php SQL injection
-
CWE-89
High
Kentico CMS Deserialization RCE
CVE-2019-10068
CWE-502
High
vBSEO 3.6.0 PHP code injection
CVE-2012-5223
CWE-94
High
Kentico CMS RCE CVE-2017-17736
CVE-2017-17736
CWE-425
High
vBulletin PHP object injection vulnerability
-
CWE-915
High
Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950
CVE-2020-2950
CWE-502
High
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)
CVE-2009-1285
CWE-94
High
vBulletin 5.1.2 SQL injection
CVE-2014-5102
CWE-89
High
Typo3 core sanitizeLocalUrl() non-persistent cross-site scripting
CVE-2015-5956
CWE-79
High
Oracle E-Business Suite SQL injection (CVE-2017-3549)
CVE-2017-3549
CWE-89
High
PHP CVE-2006-5706 Vulnerability (CVE-2006-5706)
CVE-2006-5706
-
High
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6753)
CVE-2008-6753
CWE-138
High
Sqlite Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6593)
CVE-2008-6593
CWE-138
High
Vulnerabilities in SharePoint could allow elevation of privilege
CVE-2012-1859
CWE-79
High
Sqlite Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6592)
CVE-2008-6592
CWE-22
High
Apache HTTP Server Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2009-1955)
CVE-2009-1955
CWE-776
High
Roundcube security updates 0.8.6 and 0.7.3
CVE-2013-1904
CWE-22
High
Oracle Database Server CVE-2009-1963 Vulnerability (CVE-2009-1963)
CVE-2009-1963
-
High
Ampache Other Vulnerability (CVE-2006-5668)
CVE-2006-5668
-
High
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)
CVE-2011-5083
CWE-264
High