Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
XWikiplatform CVE-2025-32972 Vulnerability (CVE-2025-32972)
CVE-2025-32972
-
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11456)
CVE-2020-11456
CWE-707
Medium
LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-11455)
CVE-2020-11455
CWE-22
Medium
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-11441)
CVE-2020-11441
CWE-138
Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
CVE-2020-11022
CWE-707
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29203)
CVE-2024-29203
CWE-707
Medium
Atlassian Jira CVE-2019-20402 Vulnerability (CVE-2019-20402)
CVE-2019-20402
-
Medium
Nginx Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20372)
CVE-2019-20372
CWE-444
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20401)
CVE-2019-20401
CWE-352
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10596)
CVE-2020-10596
CWE-707
Medium
Moodle CVE-2024-33996 Vulnerability (CVE-2024-33996)
CVE-2024-33996
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-33997)
CVE-2024-33997
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-33998)
CVE-2024-33998
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34000)
CVE-2024-34000
CWE-707
Medium
ownCloud Improper Authentication Vulnerability (CVE-2020-10254)
CVE-2020-10254
CWE-287
Medium
Atlassian Jira CVE-2019-20403 Vulnerability (CVE-2019-20403)
CVE-2019-20403
-
Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)
CVE-2020-10687
CWE-444
Medium
Moodle CVE-2024-34002 Vulnerability (CVE-2024-34002)
CVE-2024-34002
-
Medium
Moodle CVE-2024-34003 Vulnerability (CVE-2024-34003)
CVE-2024-34003
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10242)
CVE-2020-10242
CWE-707
Medium
Moodle CVE-2024-34004 Vulnerability (CVE-2024-34004)
CVE-2024-34004
-
Medium
Atlassian Jira CVE-2019-20404 Vulnerability (CVE-2019-20404)
CVE-2019-20404
-
Medium
Joomla Improper Input Validation Vulnerability (CVE-2020-10240)
CVE-2020-10240
CWE-20
Medium
Moodle CVE-2024-34005 Vulnerability (CVE-2024-34005)
CVE-2024-34005
-
Medium
Moodle Inappropriate Encoding for Output Context Vulnerability (CVE-2024-34006)
CVE-2024-34006
CWE-838
Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)
CVE-2020-10687
CWE-444
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10688)
CVE-2020-10688
CWE-707
Medium
OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2019-1559)
CVE-2019-1559
-
Medium
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10803)
CVE-2020-10803
CWE-138
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
CVE-2020-11022
CWE-707
Medium
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31985)
CVE-2024-31985
CWE-352
Medium
MediaWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-10960)
CVE-2020-10960
CWE-116
Medium
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-10959)
CVE-2020-10959
CWE-601
Medium
Ruby Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-10933)
CVE-2020-10933
CWE-200
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20042)
CVE-2019-20042
CWE-707
Medium
WordPress Improper Privilege Management Vulnerability (CVE-2019-20043)
CVE-2019-20043
CWE-269
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20098)
CVE-2019-20098
CWE-352
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20099)
CVE-2019-20099
CWE-352
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-10693)
CVE-2020-10693
CWE-20
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20100)
CVE-2019-20100
CWE-352
Medium
Atlassian Jira Other Vulnerability (CVE-2019-20101)
CVE-2019-20101
-
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-32464)
CVE-2024-32464
CWE-707
Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)
CVE-2020-10719
CWE-444
Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)
CVE-2020-10719
CWE-444
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102)
CVE-2019-20102
CWE-707
Medium
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-20106)
CVE-2019-20106
CWE-276
Medium
MyBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20225)
CVE-2019-20225
CWE-601
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2020-10693)
CVE-2020-10693
CWE-20
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29374)
CVE-2024-29374
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29179)
CVE-2024-29179
CWE-707
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20405)
CVE-2019-20405
CWE-352
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26278)
CVE-2024-26278
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12639)
CVE-2020-12639
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12629)
CVE-2020-12629
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45892)
CVE-2025-45892
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45387)
CVE-2025-45387
CWE-707
Medium
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-44110)
CVE-2025-44110
CWE-707
Medium
Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12626)
CVE-2020-12626
CWE-352
Medium
Mailman Incorrect Authorization Vulnerability (CVE-2025-43921)
CVE-2025-43921
CWE-863
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12625)
CVE-2020-12625
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)
CVE-2024-26279
CWE-707
Medium
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-46053)
CVE-2025-46053
CWE-138
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26450)
CVE-2024-26450
CWE-352
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-27184)
CVE-2024-27184
CWE-601
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19910)
CVE-2019-19910
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27186)
CVE-2024-27186
CWE-707
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3647)
CVE-2025-3647
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3645)
CVE-2025-3645
CWE-863
Medium
Sqlite Improper Handling of Exceptional Conditions Vulnerability (CVE-2019-19924)
CVE-2019-19924
CWE-755
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3644)
CVE-2025-3644
CWE-863
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45893)
CVE-2025-45893
CWE-707
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2025-46554)
CVE-2025-46554
CWE-862
Medium
Play Framework Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12480)
CVE-2020-12480
CWE-352
Medium
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-19709)
CVE-2019-19709
CWE-601
Medium