🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Next.js Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-36046)
CVE-2022-36046
CWE-754
Medium
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2022-35957)
CVE-2022-35957
CWE-290
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21627)
CVE-2024-21627
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35740)
CVE-2022-35740
CWE-707
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21628)
CVE-2024-21628
CWE-707
Medium
Pega Infinity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-35656)
CVE-2022-35656
CWE-352
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35655)
CVE-2022-35655
CWE-707
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35654)
CVE-2022-35654
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35653)
CVE-2022-35653
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35651)
CVE-2022-35651
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36097)
CVE-2022-36097
CWE-707
Medium
XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651)
CVE-2024-21651
CWE-400
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35212)
CVE-2022-35212
CWE-707
Medium
MediaWiki CVE-2022-34912 Vulnerability (CVE-2022-34912)
CVE-2022-34912
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34911)
CVE-2022-34911
CWE-707
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34305)
CVE-2022-34305
CWE-707
Medium
Magento CVE-2022-34259 Vulnerability (CVE-2022-34259)
CVE-2022-34259
-
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34258)
CVE-2022-34258
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34257)
CVE-2022-34257
CWE-707
Medium
Atlassian Confluence Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2024-21703)
CVE-2024-21703
CWE-732
Medium
Joomla Insufficient Session Expiration Vulnerability (CVE-2024-21722)
CVE-2024-21722
CWE-613
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-21723)
CVE-2024-21723
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21724)
CVE-2024-21724
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21725)
CVE-2024-21725
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21726)
CVE-2024-21726
CWE-707
Medium
MySQL CVE-2024-21262 Vulnerability (CVE-2024-21262)
CVE-2024-21262
-
Medium
MySQL CVE-2024-21241 Vulnerability (CVE-2024-21241)
CVE-2024-21241
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21730)
CVE-2024-21730
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37161)
CVE-2022-37161
CWE-707
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37421)
CVE-2022-37421
CWE-707
Medium
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-37392)
CVE-2022-37392
CWE-754
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37251)
CVE-2022-37251
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37250)
CVE-2022-37250
CWE-707
Medium
MySQL CVE-2024-21201 Vulnerability (CVE-2024-21201)
CVE-2024-21201
-
Medium
MySQL CVE-2024-21203 Vulnerability (CVE-2024-21203)
CVE-2024-21203
-
Medium
MySQL CVE-2024-21204 Vulnerability (CVE-2024-21204)
CVE-2024-21204
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37248)
CVE-2022-37248
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247)
CVE-2022-37247
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37246)
CVE-2022-37246
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37183)
CVE-2022-37183
CWE-707
Medium
MySQL CVE-2024-21207 Vulnerability (CVE-2024-21207)
CVE-2024-21207
-
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37162)
CVE-2022-37162
CWE-707
Medium
MySQL CVE-2024-21212 Vulnerability (CVE-2024-21212)
CVE-2024-21212
-
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37160)
CVE-2022-37160
CWE-707
Medium
MySQL CVE-2024-21239 Vulnerability (CVE-2024-21239)
CVE-2024-21239
-
Medium
MySQL CVE-2024-21213 Vulnerability (CVE-2024-21213)
CVE-2024-21213
-
Medium
MySQL CVE-2024-21218 Vulnerability (CVE-2024-21218)
CVE-2024-21218
-
Medium
MySQL CVE-2024-21219 Vulnerability (CVE-2024-21219)
CVE-2024-21219
-
Medium
Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)
CVE-2022-37034
CWE-674
Medium
Dot CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-37033)
CVE-2022-37033
CWE-918
Medium
MySQL CVE-2024-21230 Vulnerability (CVE-2024-21230)
CVE-2024-21230
-
Medium
Oracle Database Server CVE-2024-21233 Vulnerability (CVE-2024-21233)
CVE-2024-21233
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36108)
CVE-2022-36108
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107)
CVE-2022-36107
CWE-707
Medium
TYPO3 Improper Authentication Vulnerability (CVE-2022-36106)
CVE-2022-36106
CWE-287
Medium
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
CVE-2022-36105
CWE-203
Medium
Oracle JRE CVE-2024-21235 Vulnerability (CVE-2024-21235)
CVE-2024-21235
-
Medium
MySQL CVE-2024-21236 Vulnerability (CVE-2024-21236)
CVE-2024-21236
-
Medium
MySQL CVE-2024-21238 Vulnerability (CVE-2024-21238)
CVE-2024-21238
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21729)
CVE-2024-21729
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21731)
CVE-2024-21731
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37431)
CVE-2022-37431
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23819)
CVE-2024-23819
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23640)
CVE-2024-23640
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23642)
CVE-2024-23642
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23643)
CVE-2024-23643
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31097)
CVE-2022-31097
CWE-707
Medium
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2024-23672)
CVE-2024-23672
CWE-459
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31049)
CVE-2022-31049
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31048)
CVE-2022-31048
CWE-707
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)
CVE-2022-31047
CWE-532
Medium
TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046)
CVE-2022-31046
CWE-319
Medium
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31043)
CVE-2022-31043
CWE-212
Medium
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)
CVE-2022-31042
CWE-212
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23817)
CVE-2024-23817
CWE-707
Medium
«
1
...
91
92
93
...
200
»