🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2023-7104)
CVE-2023-7104
CWE-119
Critical
Oracle JRE CVE-2013-5787 Vulnerability (CVE-2013-5787)
CVE-2013-5787
-
Critical
Oracle JRE CVE-2013-5782 Vulnerability (CVE-2013-5782)
CVE-2013-5782
-
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43168)
CVE-2022-43168
CWE-138
Critical
Oracle JRE CVE-2013-5777 Vulnerability (CVE-2013-5777)
CVE-2013-5777
-
Critical
Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)
CVE-2022-4492
-
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0307)
CVE-2023-0307
CWE-521
Critical
Oracle JRE CVE-2013-5817 Vulnerability (CVE-2013-5817)
CVE-2013-5817
-
Critical
Oracle JRE CVE-2013-2464 Vulnerability (CVE-2013-2464)
CVE-2013-2464
-
Critical
Oracle JRE CVE-2013-2471 Vulnerability (CVE-2013-2471)
CVE-2013-2471
-
Critical
Oracle JRE CVE-2013-2470 Vulnerability (CVE-2013-2470)
CVE-2013-2470
-
Critical
Oracle JRE CVE-2013-2469 Vulnerability (CVE-2013-2469)
CVE-2013-2469
-
Critical
Oracle JRE CVE-2013-2468 Vulnerability (CVE-2013-2468)
CVE-2013-2468
-
Critical
Oracle JRE CVE-2013-2466 Vulnerability (CVE-2013-2466)
CVE-2013-2466
-
Critical
Oracle JRE CVE-2013-2465 Vulnerability (CVE-2013-2465)
CVE-2013-2465
-
Critical
Oracle JRE CVE-2013-2463 Vulnerability (CVE-2013-2463)
CVE-2013-2463
-
Critical
Oracle JRE CVE-2013-2473 Vulnerability (CVE-2013-2473)
CVE-2013-2473
-
Critical
Oracle JRE CVE-2013-2462 Vulnerability (CVE-2013-2462)
CVE-2013-2462
-
Critical
Oracle Database Server CVE-2012-0552 Vulnerability (CVE-2012-0552)
CVE-2012-0552
-
Critical
Oracle JRE CVE-2013-2460 Vulnerability (CVE-2013-2460)
CVE-2013-2460
-
Critical
Oracle JRE CVE-2013-2459 Vulnerability (CVE-2013-2459)
CVE-2013-2459
-
Critical
SugarCRM Improper Input Validation Vulnerability (CVE-2012-0694)
CVE-2012-0694
CWE-20
Critical
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2023-4006)
CVE-2023-4006
CWE-1236
Critical
Oracle JRE CVE-2013-2472 Vulnerability (CVE-2013-2472)
CVE-2013-2472
-
Critical
Oracle JRE CVE-2012-0507 Vulnerability (CVE-2012-0507)
CVE-2012-0507
-
Critical
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5227)
CVE-2023-5227
CWE-434
Critical
Podcast Generator Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-53899)
CVE-2023-53899
CWE-918
Critical
phpMyFAQ Improper Authentication Vulnerability (CVE-2023-0311)
CVE-2023-0311
CWE-287
Critical
ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53980)
CVE-2023-53980
CWE-434
Critical
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0788)
CVE-2023-0788
CWE-94
Critical
phpMyFAQ Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2023-0789)
CVE-2023-0789
CWE-138
Critical
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-3889)
CVE-2013-3889
CWE-119
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-1753)
CVE-2023-1753
CWE-521
Critical
Oracle Database Server CVE-2013-3751 Vulnerability (CVE-2013-3751)
CVE-2013-3751
-
Critical
Oracle JRE CVE-2012-0504 Vulnerability (CVE-2012-0504)
CVE-2012-0504
-
Critical
phpMyFAQ Authentication Bypass by Capture-replay Vulnerability (CVE-2023-1886)
CVE-2023-1886
CWE-294
Critical
Oracle JRE CVE-2012-0497 Vulnerability (CVE-2012-0497)
CVE-2012-0497
-
Critical
Oracle JRE CVE-2012-0498 Vulnerability (CVE-2012-0498)
CVE-2012-0498
-
Critical
Oracle JRE CVE-2012-0499 Vulnerability (CVE-2012-0499)
CVE-2012-0499
-
Critical
Oracle JRE CVE-2012-0500 Vulnerability (CVE-2012-0500)
CVE-2012-0500
-
Critical
SharePoint CVE-2023-21716 Vulnerability (CVE-2023-21716)
CVE-2023-21716
-
Critical
Oracle JRE CVE-2013-5814 Vulnerability (CVE-2013-5814)
CVE-2013-5814
-
Critical
Oracle JRE CVE-2013-5824 Vulnerability (CVE-2013-5824)
CVE-2013-5824
-
Critical
ownCloud Improper Authentication Vulnerability (CVE-2023-49105)
CVE-2023-49105
CWE-287
Critical
Vanilla Forums Other Vulnerability (CVE-2011-3614)
CVE-2011-3614
-
Critical
Django Resource Management Errors Vulnerability (CVE-2014-0474)
CVE-2014-0474
-
Critical
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3583)
CVE-2011-3583
CWE-138
Critical
Plone CMS CVE-2011-3587 Vulnerability (CVE-2011-3587)
CVE-2011-3587
-
Critical
Zope Web Application Server CVE-2011-3587 Vulnerability (CVE-2011-3587)
CVE-2011-3587
-
Critical
Oracle JRE CVE-2014-0461 Vulnerability (CVE-2014-0461)
CVE-2014-0461
-
Critical
Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)
CVE-2014-0457
-
Critical
FluxBB CVE-2011-3621 Vulnerability (CVE-2011-3621)
CVE-2011-3621
-
Critical
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21650)
CVE-2024-21650
CWE-94
Critical
Oracle JRE CVE-2014-0456 Vulnerability (CVE-2014-0456)
CVE-2014-0456
-
Critical
Oracle JRE CVE-2014-0455 Vulnerability (CVE-2014-0455)
CVE-2014-0455
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36094)
CVE-2022-36094
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36096)
CVE-2022-36096
CWE-707
Critical
Oracle JRE CVE-2014-0432 Vulnerability (CVE-2014-0432)
CVE-2014-0432
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36098)
CVE-2022-36098
CWE-707
Critical
Oracle JRE CVE-2011-3544 Vulnerability (CVE-2011-3544)
CVE-2011-3544
-
Critical
Moodle Improper Input Validation Vulnerability (CVE-2022-35649)
CVE-2022-35649
CWE-20
Critical
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-36760)
CVE-2022-36760
-
Critical
WordPress CVE-2011-3122 Vulnerability (CVE-2011-3122)
CVE-2011-3122
-
Critical
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-31631)
CVE-2022-31631
CWE-138
Critical
Zikula Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2293)
CVE-2014-2293
CWE-94
Critical
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2715)
CVE-2011-2715
CWE-138
Critical
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2022-31813)
CVE-2022-31813
CWE-345
Critical
Beego Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-31836)
CVE-2022-31836
CWE-22
Critical
Elgg Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2936)
CVE-2011-2936
CWE-138
Critical
WordPress CVE-2011-3125 Vulnerability (CVE-2011-3125)
CVE-2011-3125
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-34265)
CVE-2022-34265
CWE-138
Critical
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3129)
CVE-2011-3129
CWE-264
Critical
ownCloud Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-2052)
CVE-2014-2052
CWE-611
Critical
ownCloud Improper Access Control Vulnerability (CVE-2014-2048)
CVE-2014-2048
CWE-284
Critical
Magento Incorrect Authorization Vulnerability (CVE-2022-34256)
CVE-2022-34256
CWE-863
Critical
«
1
...
8
9
10
...
200
»