Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430)
CVE-2020-13430
CWE-707
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Django Improper Certificate Validation Vulnerability (CVE-2020-13254)
CVE-2020-13254
CWE-295
Medium
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2020-13240)
CVE-2020-13240
CWE-276
Medium
Envoy Proxy Overly Restrictive Regular Expression Vulnerability (CVE-2025-46821)
CVE-2025-46821
CWE-186
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13239)
CVE-2020-13239
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13094)
CVE-2020-13094
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12718)
CVE-2020-12718
CWE-707
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19845)
CVE-2019-19845
CWE-22
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12708)
CVE-2020-12708
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12706)
CVE-2020-12706
CWE-707
Medium
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)
CVE-2019-19712
CWE-276
Medium
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
CVE-2019-19714
CWE-116
Medium
Liferay Portal Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12648)
CVE-2020-12648
CWE-707
Medium
Liferay DXP Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3643)
CVE-2025-3643
CWE-707
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3640)
CVE-2025-3640
CWE-639
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853)
CVE-2024-28853
CWE-707
Medium
Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)
CVE-2020-11821
CWE-312
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2020-11891)
CVE-2020-11891
CWE-863
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28190)
CVE-2024-28190
CWE-707
Medium
Joomla Improper Input Validation Vulnerability (CVE-2020-11890)
CVE-2020-11890
CWE-20
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2020-11889)
CVE-2020-11889
CWE-863
Medium
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-28191)
CVE-2024-28191
CWE-138
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11823)
CVE-2020-11823
CWE-707
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11822)
CVE-2020-11822
CWE-707
Medium
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
CVE-2024-28234
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1134)
CVE-2019-1134
CWE-707
Medium
Craft CMS Other Vulnerability (CVE-2025-35939)
CVE-2025-35939
-
Medium
Contao CVE-2024-28235 Vulnerability (CVE-2024-28235)
CVE-2024-28235
-
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-28593)
CVE-2024-28593
CWE-94
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28662)
CVE-2024-28662
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28709)
CVE-2024-28709
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28710)
CVE-2024-28710
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28793)
CVE-2024-28793
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28852)
CVE-2024-28852
CWE-707
Medium
Oracle JRE Incorrect Authorization Vulnerability (CVE-2025-21502)
CVE-2025-21502
CWE-863
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28108)
CVE-2024-28108
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1036)
CVE-2019-1036
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27300)
CVE-2024-27300
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12438)
CVE-2020-12438
CWE-707
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3636)
CVE-2025-3636
CWE-639
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27525)
CVE-2024-27525
CWE-707
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-12459)
CVE-2020-12459
CWE-200
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27626)
CVE-2024-27626
CWE-707
Medium
Moodle Improper Authentication Vulnerability (CVE-2025-3634)
CVE-2025-3634
CWE-287
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-3628)
CVE-2025-3628
CWE-200
Medium
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458)
CVE-2020-12458
CWE-312
Medium
Moodle Improper Authentication Vulnerability (CVE-2025-3627)
CVE-2025-3627
CWE-287
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12245)
CVE-2020-12245
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3057)
CVE-2025-3057
CWE-707
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12137)
CVE-2020-12137
CWE-707
Medium
Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-12108)
CVE-2020-12108
CWE-138
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12052)
CVE-2020-12052
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1031)
CVE-2019-1031
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28106)
CVE-2024-28106
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1032)
CVE-2019-1032
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1033)
CVE-2019-1033
CWE-707
Medium
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-11985)
CVE-2020-11985
CWE-345
Medium
WP Plugin Contact Form 7 Improper Validation of Integrity Check Value Vulnerability (CVE-2025-3247)
CVE-2025-3247
CWE-354
Medium
XWikiplatform Other Vulnerability (CVE-2025-32783)
CVE-2025-32783
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0978)
CVE-2020-0978
CWE-707
Medium
MySQL CVE-2019-2630 Vulnerability (CVE-2019-2630)
CVE-2019-2630
-
Medium
MySQL CVE-2019-2566 Vulnerability (CVE-2019-2566)
CVE-2019-2566
-
Medium
Open Resty Inefficient Algorithmic Complexity Vulnerability (CVE-2024-39702)
CVE-2024-39702
CWE-407
Medium
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2025-30753)
CVE-2025-30753
CWE-400
Medium
Apache HTTP Server CVE-2024-39884 Vulnerability (CVE-2024-39884)
CVE-2024-39884
-
Medium
PHP CVE-2024-3096 Vulnerability (CVE-2024-3096)
CVE-2024-3096
-
Medium
Dot CMS CVE-2024-3164 Vulnerability (CVE-2024-3164)
CVE-2024-3164
-
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8943)
CVE-2019-8943
CWE-22
Medium
Dot CMS Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-3165)
CVE-2024-3165
CWE-532
Medium
«
1
...
77
78
79
...
181
»
