Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Java Code Execution Vulnerability (CVE-2019-2745)
CVE-2019-2745
-
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8132)
CVE-2019-8132
CWE-707
Medium
MySQL CVE-2019-2746 Vulnerability (CVE-2019-2746)
CVE-2019-2746
-
Medium
XWikiplatform Other Vulnerability (CVE-2025-29925)
CVE-2025-29925
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45406)
CVE-2024-45406
CWE-707
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591)
CVE-2024-45591
CWE-862
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7897)
CVE-2019-7897
CWE-707
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488)
CVE-2024-51488
CWE-352
Medium
Magento Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-8232)
CVE-2019-8232
CWE-362
Medium
MongoDb Other Vulnerability (CVE-2024-8305)
CVE-2024-8305
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6264)
CVE-2019-6264
CWE-707
Medium
Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-7312)
CVE-2024-7312
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6263)
CVE-2019-6263
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6262)
CVE-2019-6262
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6261)
CVE-2019-6261
CWE-707
Medium
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-7658)
CVE-2024-7658
CWE-639
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-8184)
CVE-2024-8184
CWE-770
Medium
MongoDb Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2024-8207)
CVE-2024-8207
CWE-610
Medium
AngularJS Other Vulnerability (CVE-2024-8372)
CVE-2024-8372
-
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-6762)
CVE-2024-6762
CWE-770
Medium
AngularJS Other Vulnerability (CVE-2024-8373)
CVE-2024-8373
-
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-8519)
CVE-2024-8519
CWE-707
Medium
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8520)
CVE-2024-8520
CWE-352
Medium
ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-5433)
CVE-2019-5433
CWE-601
Medium
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-26241)
CVE-2025-26241
CWE-138
Medium
PHP Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-8925)
CVE-2024-8925
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3400)
CVE-2019-3400
CWE-707
Medium
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3401)
CVE-2019-3401
CWE-863
Medium
Jetty Other Vulnerability (CVE-2024-6763)
CVE-2024-6763
-
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6702)
CVE-2024-6702
CWE-707
Medium
PHP Out-of-bounds Read Vulnerability (CVE-2024-8929)
CVE-2024-8929
CWE-125
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26529)
CVE-2025-26529
CWE-707
Medium
MySQL CVE-2019-3003 Vulnerability (CVE-2019-3003)
CVE-2019-3003
-
Medium
MySQL CVE-2019-3004 Vulnerability (CVE-2019-3004)
CVE-2019-3004
-
Medium
MySQL CVE-2019-3009 Vulnerability (CVE-2019-3009)
CVE-2019-3009
-
Medium
PHP Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-5458)
CVE-2024-5458
CWE-345
Medium
phpMyAdmin CVE-2019-6799 Vulnerability (CVE-2019-6799)
CVE-2019-6799
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26530)
CVE-2025-26530
CWE-707
Medium
MySQL CVE-2019-3011 Vulnerability (CVE-2019-3011)
CVE-2019-3011
-
Medium
MySQL CVE-2019-3018 Vulnerability (CVE-2019-3018)
CVE-2019-3018
-
Medium
MongoDb Missing Authorization Vulnerability (CVE-2024-6375)
CVE-2024-6375
CWE-862
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-26526)
CVE-2025-26526
CWE-863
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26528)
CVE-2025-26528
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6588)
CVE-2019-6588
CWE-707
Medium
MongoDb CVE-2024-6384 Vulnerability (CVE-2024-6384)
CVE-2024-6384
-
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6484)
CVE-2024-6484
CWE-707
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6700)
CVE-2024-6700
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6341)
CVE-2019-6341
CWE-707
Medium
Moodle Exposure of Sensitive Information Through Metadata Vulnerability (CVE-2025-26527)
CVE-2025-26527
CWE-1230
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6701)
CVE-2024-6701
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3402)
CVE-2019-3402
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4748)
CVE-2019-4748
CWE-707
Medium
Apache Traffic Server CVE-2024-56202 Vulnerability (CVE-2024-56202)
CVE-2024-56202
-
Medium
Moodle CVE-2019-3852 Vulnerability (CVE-2019-3852)
CVE-2019-3852
-
Medium
IBM RTC CVE-2019-4084 Vulnerability (CVE-2019-4084)
CVE-2019-4084
-
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4083)
CVE-2019-4083
CWE-707
Medium
WebLogic Observable Discrepancy Vulnerability (CVE-2019-3739)
CVE-2019-3739
CWE-203
Medium
WebLogic Observable Discrepancy Vulnerability (CVE-2019-3740)
CVE-2019-3740
CWE-203
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1746)
CVE-2025-1746
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1747)
CVE-2025-1747
CWE-707
Medium
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-3805)
CVE-2019-3805
CWE-362
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3872)
CVE-2019-3872
CWE-707
Medium
Moodle CVE-2019-3851 Vulnerability (CVE-2019-3851)
CVE-2019-3851
-
Medium
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3579)
CVE-2019-3579
CWE-200
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-3850)
CVE-2019-3850
CWE-601
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1748)
CVE-2025-1748
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1749)
CVE-2025-1749
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3848)
CVE-2019-3848
CWE-200
Medium
SharePoint CVE-2025-21393 Vulnerability (CVE-2025-21393)
CVE-2025-21393
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3810)
CVE-2019-3810
CWE-200
Medium
Oracle HTTP Server Missing Authorization Vulnerability (CVE-2025-21498)
CVE-2025-21498
CWE-862
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3808)
CVE-2019-3808
CWE-707
Medium
PHP Improper Input Validation Vulnerability (CVE-2025-1734)
CVE-2025-1734
CWE-20
Medium
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-1695)
CVE-2025-1695
CWE-835
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4747)
CVE-2019-4747
CWE-707
Medium