🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145)
CVE-2024-25145
CWE-707
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-25146)
CVE-2024-25146
CWE-203
Medium
Liferay DXP Other Vulnerability (CVE-2024-25150)
CVE-2024-25150
-
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-29905)
CVE-2022-29905
CWE-352
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25147)
CVE-2024-25147
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-29903)
CVE-2022-29903
CWE-352
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25147)
CVE-2024-25147
CWE-707
Medium
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718)
CVE-2022-29718
CWE-601
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29710)
CVE-2022-29710
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29577)
CVE-2022-29577
CWE-707
Medium
Apache Denial of service in mod_lua r:parsebody Vulnerability (CVE-2022-29404)
CVE-2022-29404
-
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29258)
CVE-2022-29258
CWE-707
Medium
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-29253)
CVE-2022-29253
CWE-22
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29252)
CVE-2022-29252
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29251)
CVE-2022-29251
CWE-707
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
MediaWiki Uncontrolled Recursion Vulnerability (CVE-2022-28201)
CVE-2022-28201
CWE-674
Medium
MongoDb Reachable Assertion Vulnerability (CVE-2022-24272)
CVE-2022-24272
CWE-617
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24899)
CVE-2022-24899
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
ownCloud Other Vulnerability (CVE-2022-25339)
CVE-2022-25339
-
Medium
ownCloud Other Vulnerability (CVE-2022-25338)
CVE-2022-25338
-
Medium
Liferay Portal Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Liferay DXP Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Oracle HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2022-25313)
CVE-2022-25313
CWE-400
Medium
Drupal CVE-2022-25278 Vulnerability (CVE-2022-25278)
CVE-2022-25278
-
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25276)
CVE-2022-25276
CWE-707
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25274)
CVE-2022-25274
CWE-863
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)
CVE-2022-25270
CWE-863
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26278)
CVE-2024-26278
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)
CVE-2024-26279
CWE-707
Medium
Liferay DXP Origin Validation Error Vulnerability (CVE-2022-25146)
CVE-2022-25146
CWE-346
Medium
Liferay Portal Origin Validation Error Vulnerability (CVE-2022-25146)
CVE-2022-25146
CWE-346
Medium
XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-24897)
CVE-2022-24897
CWE-22
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
WebLogic Other Vulnerability (CVE-2022-24891)
CVE-2022-24891
-
Medium
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2022-24839)
CVE-2022-24839
CWE-400
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26450)
CVE-2024-26450
CWE-352
Medium
XWiki Missing Authentication for Critical Function Vulnerability (CVE-2022-24820)
CVE-2022-24820
CWE-306
Medium
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-24819)
CVE-2022-24819
CWE-359
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-27184)
CVE-2024-27184
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27186)
CVE-2024-27186
CWE-707
Medium
Drupal Improper Input Validation Vulnerability (CVE-2022-24775)
CVE-2022-24775
CWE-20
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27300)
CVE-2024-27300
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24620)
CVE-2022-24620
CWE-707
Medium
SharePoint CVE-2022-24472 Vulnerability (CVE-2022-24472)
CVE-2022-24472
-
Medium
Django Inefficient Regular Expression Complexity Vulnerability (CVE-2024-27351)
CVE-2024-27351
CWE-1333
Medium
silverstripeCMS Session Fixation Vulnerability (CVE-2022-24444)
CVE-2022-24444
CWE-384
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25869)
CVE-2022-25869
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27914)
CVE-2022-27914
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-26595)
CVE-2022-26595
CWE-276
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27913)
CVE-2022-27913
CWE-707
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-27912)
CVE-2022-27912
CWE-200
Medium
Joomla CVE-2022-27911 Vulnerability (CVE-2022-27911)
CVE-2022-27911
-
Medium
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27907)
CVE-2022-27907
CWE-918
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425)
CVE-2022-27425
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422)
CVE-2022-27422
CWE-707
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)
CVE-2024-25979
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26594)
CVE-2022-26594
CWE-707
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Moodle CVE-2024-25980 Vulnerability (CVE-2024-25980)
CVE-2024-25980
-
Medium
Moodle CVE-2024-25981 Vulnerability (CVE-2024-25981)
CVE-2024-25981
-
Medium
«
1
...
97
98
99
...
200
»