🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23500 vulnerabilities
in this category.
Critical: 1518
High: 12619
Medium: 8575
Low: 784
Information: 4
Vulnerability Name
CVE
CWE
Severity
PHP Improper Input Validation Vulnerability (CVE-2015-4604)
CVE-2015-4604
CWE-20
High
PHP Data Processing Errors Vulnerability (CVE-2015-4147)
CVE-2015-4147
-
High
Jetty Observable Discrepancy Vulnerability (CVE-2017-9735)
CVE-2017-9735
CWE-203
High
PHP Data Processing Errors Vulnerability (CVE-2015-4026)
CVE-2015-4026
-
High
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)
CVE-2020-9591
CWE-200
High
Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9588)
CVE-2020-9588
-
High
PHP Data Processing Errors Vulnerability (CVE-2015-4025)
CVE-2015-4025
-
High
Magento Incorrect Authorization Vulnerability (CVE-2020-9587)
CVE-2020-9587
CWE-863
High
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9789)
CVE-2017-9789
CWE-416
High
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0611)
CVE-2008-0611
CWE-138
High
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067)
CVE-2017-9067
CWE-22
High
SharePoint CVE-2017-8509 Vulnerability (CVE-2017-8509)
CVE-2017-8509
-
High
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8814)
CVE-2017-8814
CWE-20
High
SharePoint CVE-2017-8511 Vulnerability (CVE-2017-8511)
CVE-2017-8511
-
High
Ext JS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2007-6758)
CVE-2007-6758
CWE-918
High
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8569)
CVE-2017-8569
CWE-707
High
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8742)
CVE-2017-8742
CWE-119
High
Internet Information Services CVE-2008-0074 Vulnerability (CVE-2008-0074)
CVE-2008-0074
-
High
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743)
CVE-2017-8743
CWE-119
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810)
CVE-2017-8810
CWE-200
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0145)
CVE-2008-0145
CWE-264
High
OpenSSL Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2008-0166)
CVE-2008-0166
CWE-338
High
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0194)
CVE-2008-0194
CWE-22
High
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067)
CVE-2017-9067
CWE-22
High
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8815)
CVE-2017-8815
CWE-20
High
concrete5 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4724)
CVE-2015-4724
CWE-138
High
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-0226)
CVE-2008-0226
CWE-119
High
CherryPy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0252)
CVE-2008-0252
CWE-22
High
ownCloud Resource Management Errors Vulnerability (CVE-2015-4717)
CVE-2015-4717
-
High
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9062)
CVE-2017-9062
CWE-707
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0383)
CVE-2008-0383
CWE-138
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-9064)
CVE-2017-9064
CWE-352
High
WordPress Improper Input Validation Vulnerability (CVE-2017-9065)
CVE-2017-9065
CWE-20
High
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066)
CVE-2017-9066
CWE-918
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022)
CVE-2018-8022
CWE-20
High
Plone CMS CVE-2011-0720 Vulnerability (CVE-2011-0720)
CVE-2011-0720
-
High
Joomla Improper Input Validation Vulnerability (CVE-2015-8564)
CVE-2015-8564
CWE-20
High
Moodle Incorrect Authorization Vulnerability (CVE-2020-14321)
CVE-2020-14321
CWE-863
High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)
CVE-2012-5487
CWE-264
High
Restlet Framework Deserialization of Untrusted Data Vulnerability (CVE-2013-4271)
CVE-2013-4271
CWE-502
High
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5493)
CVE-2012-5493
CWE-94
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443)
CVE-2020-14443
CWE-138
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)
CVE-2020-14384
CWE-400
High
PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-14350)
CVE-2020-14350
CWE-426
High
PostgreSQL Uncontrolled Search Path Element Vulnerability (CVE-2020-14349)
CVE-2020-14349
CWE-427
High
Restlet Framework XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2013-4221)
CVE-2013-4221
CWE-91
High
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-14322)
CVE-2020-14322
CWE-770
High
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-14209)
CVE-2020-14209
CWE-434
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-4313)
CVE-2013-4313
CWE-138
High
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3394)
CVE-2019-3394
CWE-22
High
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3398)
CVE-2019-3398
CWE-22
High
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)
CVE-2020-14178
-
High
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399)
CVE-2019-3399
CWE-862
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4115)
CVE-2013-4115
CWE-119
High
Jboss EAP CVE-2012-5626 Vulnerability (CVE-2012-5626)
CVE-2012-5626
-
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5629)
CVE-2012-5629
CWE-264
High
Varnish Cache Other Vulnerability (CVE-2013-4090)
CVE-2013-4090
-
High
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849)
CVE-2012-5849
CWE-138
High
MediaWiki Improper Authentication Vulnerability (CVE-2013-4304)
CVE-2013-4304
CWE-287
High
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5469)
CVE-2012-5469
CWE-264
High
Moodle Improper Input Validation Vulnerability (CVE-2019-3847)
CVE-2019-3847
CWE-20
High
WebLogic CVE-2019-2890 Vulnerability (CVE-2019-2890)
CVE-2019-2890
-
High
PleskLin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)
CVE-2013-4878
CWE-264
High
PleskWin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)
CVE-2013-4878
CWE-264
High
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4927)
CVE-2012-4927
CWE-138
High
MySQL CVE-2019-2822 Vulnerability (CVE-2019-2822)
CVE-2019-2822
-
High
Oracle JRE CVE-2020-14593 Vulnerability (CVE-2020-14593)
CVE-2020-14593
-
High
MediaWiki Session Fixation Vulnerability (CVE-2013-4572)
CVE-2013-4572
CWE-384
High
MediaWiki Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4571)
CVE-2013-4571
CWE-119
High
Oracle JRE CVE-2012-5068 Vulnerability (CVE-2012-5068)
CVE-2012-5068
-
High
WebLogic CVE-2020-14589 Vulnerability (CVE-2020-14589)
CVE-2020-14589
-
High
WebLogic CVE-2020-14588 Vulnerability (CVE-2020-14588)
CVE-2020-14588
-
High
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4338)
CVE-2013-4338
CWE-94
High
WebLogic CVE-2019-2891 Vulnerability (CVE-2019-2891)
CVE-2019-2891
-
High
Lighttpd Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4559)
CVE-2013-4559
CWE-264
High
«
1
...
159
160
161
...
314
»