🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23500 vulnerabilities
in this category.
Critical: 1518
High: 12619
Medium: 8575
Low: 784
Information: 4
Vulnerability Name
CVE
CWE
Severity
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-7119)
CVE-2008-7119
CWE-138
High
Python Missing Initialization of Resource Vulnerability (CVE-2018-14647)
CVE-2018-14647
CWE-909
High
Prototype CVE-2008-7220 Vulnerability (CVE-2008-7220)
CVE-2008-7220
-
High
PHP NULL Pointer Dereference Vulnerability (CVE-2018-14884)
CVE-2018-14884
CWE-476
High
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6753)
CVE-2008-6753
CWE-138
High
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-15132)
CVE-2018-15132
CWE-200
High
PHP Numeric Errors Vulnerability (CVE-2015-2331)
CVE-2015-2331
-
High
WebLogic CVE-2018-15756 Vulnerability (CVE-2018-15756)
CVE-2018-15756
-
High
PHP Out-of-bounds Read Vulnerability (CVE-2015-2325)
CVE-2015-2325
CWE-125
High
Joomla CVE-2018-15881 Vulnerability (CVE-2018-15881)
CVE-2018-15881
-
High
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
CVE-2018-15901
CWE-352
High
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258)
CVE-2020-5258
CWE-1321
High
WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258)
CVE-2020-5258
CWE-1321
High
MySQL Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')Vulnerability (CVE-2020-5258)
CVE-2020-5258
CWE-138
High
TYPO3 Improper Authentication Vulnerability (CVE-2009-0256)
CVE-2009-0256
CWE-287
High
Play Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-13864)
CVE-2018-13864
CWE-22
High
concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13790)
CVE-2018-13790
CWE-918
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5624)
CVE-2008-5624
CWE-264
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5946)
CVE-2008-5946
CWE-138
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5625)
CVE-2008-5625
CWE-264
High
silverstripeCMS CVE-2020-6164 Vulnerability (CVE-2020-6164)
CVE-2020-6164
-
High
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-12895)
CVE-2018-12895
CWE-22
High
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067)
CVE-2018-13067
CWE-352
High
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-5658)
CVE-2008-5658
CWE-22
High
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5665)
CVE-2008-5665
CWE-138
High
Joomla Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-5671)
CVE-2008-5671
CWE-94
High
WordPress Improper Input Validation Vulnerability (CVE-2008-5695)
CVE-2008-5695
CWE-20
High
PHP Configuration Vulnerability (CVE-2008-5844)
CVE-2008-5844
-
High
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745)
CVE-2020-5745
CWE-707
High
Sqlite Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6593)
CVE-2008-6593
CWE-138
High
PHP Other Vulnerability (CVE-2015-2787)
CVE-2015-2787
-
High
Zenphoto Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5593)
CVE-2020-5593
CWE-138
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6124)
CVE-2008-6124
CWE-138
High
phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)
CVE-2008-6178
CWE-94
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-5504)
CVE-2020-5504
CWE-138
High
Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2775)
CVE-2015-2775
CWE-22
High
MySQL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5398)
CVE-2020-5398
CWE-707
High
WebLogic Download of Code Without Integrity Check Vulnerability (CVE-2020-5398)
CVE-2020-5398
CWE-494
High
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-5360)
CVE-2020-5360
CWE-125
High
Sqlite Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6592)
CVE-2008-6592
CWE-22
High
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-1303)
CVE-2018-1303
CWE-125
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
CVE-2009-3631
CWE-94
High
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-10795)
CVE-2018-10795
CWE-434
High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)
CVE-2010-3663
CWE-434
High
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-3419)
CVE-2010-3419
CWE-94
High
Oracle JRE CVE-2018-2825 Vulnerability (CVE-2018-2825)
CVE-2018-2825
-
High
Oracle JRE CVE-2018-2826 Vulnerability (CVE-2018-2826)
CVE-2018-2826
-
High
Oracle Database Server CVE-2018-2841 Vulnerability (CVE-2018-2841)
CVE-2018-2841
-
High
Oracle Database Server CVE-2020-2518 Vulnerability (CVE-2020-2518)
CVE-2020-2518
-
High
Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)
CVE-2010-3600
-
High
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143)
CVE-2014-7143
CWE-295
High
GlassFish CVE-2018-2911 Vulnerability (CVE-2018-2911)
CVE-2018-2911
-
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662)
CVE-2010-3662
CWE-138
High
WebLogic CVE-2018-2935 Vulnerability (CVE-2018-2935)
CVE-2018-2935
-
High
Oracle JRE CVE-2018-2814 Vulnerability (CVE-2018-2814)
CVE-2018-2814
-
High
Oracle Database Server CVE-2018-2939 Vulnerability (CVE-2018-2939)
CVE-2018-2939
-
High
TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668)
CVE-2010-3668
CWE-138
High
Java Unspesificed Vulnerability (CVE-2018-2941)
CVE-2018-2941
-
High
Joomla Improper Authentication Vulnerability (CVE-2014-6632)
CVE-2014-6632
CWE-287
High
Java Unspesificed Vulnerability (CVE-2018-2964)
CVE-2018-2964
-
High
MySQL CVE-2018-3064 Vulnerability (CVE-2018-3064)
CVE-2018-3064
-
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)
CVE-2010-3708
CWE-20
High
Oracle Database Server CVE-2020-2511 Vulnerability (CVE-2020-2511)
CVE-2020-2511
-
High
Oracle Database Server CVE-2020-2510 Vulnerability (CVE-2020-2510)
CVE-2020-2510
-
High
Joomla Cryptographic Issues Vulnerability (CVE-2014-7228)
CVE-2014-7228
-
High
Oracle JRE CVE-2018-2811 Vulnerability (CVE-2018-2811)
CVE-2018-2811
-
High
MySQL CVE-2014-6500 Vulnerability (CVE-2014-6500)
CVE-2014-6500
-
High
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8176)
CVE-2014-8176
CWE-119
High
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1931)
CVE-2010-1931
CWE-138
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8626)
CVE-2014-8626
CWE-119
High
e107 Other Vulnerability (CVE-2010-2098)
CVE-2010-2098
-
High
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099)
CVE-2010-2099
CWE-264
High
PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596)
CVE-2014-8596
-
High
Oracle Database Server CVE-2018-2680 Vulnerability (CVE-2018-2680)
CVE-2018-2680
-
High
MySQL CVE-2018-2696 Vulnerability (CVE-2018-2696)
CVE-2018-2696
-
High
«
1
...
151
152
153
...
314
»