🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23622)
CVE-2022-23622
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28106)
CVE-2024-28106
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23808)
CVE-2022-23808
CWE-707
Medium
phpMyAdmin Improper Authentication Vulnerability (CVE-2022-23807)
CVE-2022-23807
CWE-287
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23801)
CVE-2022-23801
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23800)
CVE-2022-23800
CWE-707
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798)
CVE-2022-23798
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23796)
CVE-2022-23796
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28108)
CVE-2024-28108
CWE-707
Medium
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2022-23794)
CVE-2022-23794
CWE-209
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28190)
CVE-2024-28190
CWE-707
Medium
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-28191)
CVE-2024-28191
CWE-138
Medium
Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634)
CVE-2022-23634
-
Medium
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
CVE-2024-28234
-
Medium
Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633)
CVE-2022-23633
-
Medium
XWiki Files or Directories Accessible to External Parties Vulnerability (CVE-2022-23621)
CVE-2022-23621
CWE-552
Medium
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)
CVE-2022-23502
CWE-613
Medium
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620)
CVE-2022-23620
CWE-116
Medium
Contao CVE-2024-28235 Vulnerability (CVE-2024-28235)
CVE-2024-28235
-
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618)
CVE-2022-23618
CWE-601
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-23617)
CVE-2022-23617
CWE-862
Medium
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616)
CVE-2022-23616
CWE-138
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2022-23615)
CVE-2022-23615
CWE-863
Medium
Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606)
CVE-2022-23606
CWE-674
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599)
CVE-2022-23599
CWE-707
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-28593)
CVE-2024-28593
CWE-94
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28662)
CVE-2024-28662
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28709)
CVE-2024-28709
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23552)
CVE-2022-23552
CWE-707
Medium
TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504)
CVE-2022-23504
CWE-138
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28710)
CVE-2024-28710
CWE-707
Medium
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656)
CVE-2022-21656
CWE-295
Medium
MySQL CVE-2022-21641 Vulnerability (CVE-2022-21641)
CVE-2022-21641
-
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27626)
CVE-2024-27626
CWE-707
Medium
Oracle HTTP Server CVE-2022-21375 Vulnerability (CVE-2022-21375)
CVE-2022-21375
-
Medium
MySQL CVE-2022-21460 Vulnerability (CVE-2022-21460)
CVE-2022-21460
-
Medium
MySQL CVE-2022-21454 Vulnerability (CVE-2022-21454)
CVE-2022-21454
-
Medium
WebLogic CVE-2022-21453 Vulnerability (CVE-2022-21453)
CVE-2022-21453
-
Medium
MySQL CVE-2022-21451 Vulnerability (CVE-2022-21451)
CVE-2022-21451
-
Medium
MySQL CVE-2022-21444 Vulnerability (CVE-2022-21444)
CVE-2022-21444
-
Medium
Oracle JRE CVE-2022-21434 Vulnerability (CVE-2022-21434)
CVE-2022-21434
-
Medium
MySQL CVE-2022-21427 Vulnerability (CVE-2022-21427)
CVE-2022-21427
-
Medium
Oracle JRE CVE-2022-21426 Vulnerability (CVE-2022-21426)
CVE-2022-21426
-
Medium
MySQL CVE-2022-21425 Vulnerability (CVE-2022-21425)
CVE-2022-21425
-
Medium
MySQL CVE-2022-21417 Vulnerability (CVE-2022-21417)
CVE-2022-21417
-
Medium
MySQL CVE-2022-21412 Vulnerability (CVE-2022-21412)
CVE-2022-21412
-
Medium
Oracle Database Server CVE-2022-21393 Vulnerability (CVE-2022-21393)
CVE-2022-21393
-
Medium
WebLogic CVE-2022-21386 Vulnerability (CVE-2022-21386)
CVE-2022-21386
-
Medium
MySQL CVE-2022-21378 Vulnerability (CVE-2022-21378)
CVE-2022-21378
-
Medium
MySQL CVE-2022-21374 Vulnerability (CVE-2022-21374)
CVE-2022-21374
-
Medium
MySQL CVE-2022-21479 Vulnerability (CVE-2022-21479)
CVE-2022-21479
-
Medium
MySQL CVE-2022-21370 Vulnerability (CVE-2022-21370)
CVE-2022-21370
-
Medium
MySQL CVE-2022-21368 Vulnerability (CVE-2022-21368)
CVE-2022-21368
-
Medium
MySQL CVE-2022-21367 Vulnerability (CVE-2022-21367)
CVE-2022-21367
-
Medium
Oracle JRE CVE-2022-21366 Vulnerability (CVE-2022-21366)
CVE-2022-21366
-
Medium
Oracle JRE CVE-2022-21365 Vulnerability (CVE-2022-21365)
CVE-2022-21365
-
Medium
MySQL CVE-2022-21363 Vulnerability (CVE-2022-21363)
CVE-2022-21363
-
Medium
MySQL CVE-2022-21362 Vulnerability (CVE-2022-21362)
CVE-2022-21362
-
Medium
WebLogic CVE-2022-21361 Vulnerability (CVE-2022-21361)
CVE-2022-21361
-
Medium
Oracle JRE CVE-2022-21360 Vulnerability (CVE-2022-21360)
CVE-2022-21360
-
Medium
MySQL CVE-2022-21358 Vulnerability (CVE-2022-21358)
CVE-2022-21358
-
Medium
MySQL CVE-2022-21356 Vulnerability (CVE-2022-21356)
CVE-2022-21356
-
Medium
Moodle CVE-2024-33996 Vulnerability (CVE-2024-33996)
CVE-2024-33996
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-33997)
CVE-2024-33997
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-33998)
CVE-2024-33998
CWE-707
Medium
MySQL CVE-2022-21478 Vulnerability (CVE-2022-21478)
CVE-2022-21478
-
Medium
MySQL CVE-2022-21482 Vulnerability (CVE-2022-21482)
CVE-2022-21482
-
Medium
MySQL CVE-2022-21640 Vulnerability (CVE-2022-21640)
CVE-2022-21640
-
Medium
MySQL CVE-2022-21605 Vulnerability (CVE-2022-21605)
CVE-2022-21605
-
Medium
MySQL CVE-2022-21638 Vulnerability (CVE-2022-21638)
CVE-2022-21638
-
Medium
MySQL CVE-2022-21637 Vulnerability (CVE-2022-21637)
CVE-2022-21637
-
Medium
MySQL CVE-2022-21635 Vulnerability (CVE-2022-21635)
CVE-2022-21635
-
Medium
MySQL CVE-2022-21633 Vulnerability (CVE-2022-21633)
CVE-2022-21633
-
Medium
MySQL CVE-2022-21632 Vulnerability (CVE-2022-21632)
CVE-2022-21632
-
Medium
Oracle JRE CVE-2022-21628 Vulnerability (CVE-2022-21628)
CVE-2022-21628
-
Medium
«
1
...
95
96
97
...
200
»