🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23500 vulnerabilities
in this category.
Critical: 1518
High: 12619
Medium: 8575
Low: 784
Information: 4
Vulnerability Name
CVE
CWE
Severity
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3192)
CVE-2011-3192
CWE-400
High
ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11378)
CVE-2019-11378
CWE-434
High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444)
CVE-2019-11444
CWE-138
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)
CVE-2019-11446
CWE-434
High
PHP Other Vulnerability (CVE-2019-11044)
CVE-2019-11044
-
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11042)
CVE-2019-11042
CWE-125
High
Squid Improper Input Validation Vulnerability (CVE-2020-24606)
CVE-2020-24606
CWE-20
High
axios Improper Input Validation Vulnerability (CVE-2019-10742)
CVE-2019-10742
CWE-20
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384)
CVE-2019-10384
CWE-352
High
Plone CMS CVE-2011-2528 Vulnerability (CVE-2011-2528)
CVE-2011-2528
-
High
Zope Web Application Server CVE-2011-2528 Vulnerability (CVE-2011-2528)
CVE-2011-2528
-
High
Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)
CVE-2020-25710
CWE-617
High
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2687)
CVE-2011-2687
CWE-264
High
Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642)
CVE-2019-10642
CWE-352
High
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10673)
CVE-2019-10673
CWE-352
High
Moodle Improper Privilege Management Vulnerability (CVE-2020-25699)
CVE-2020-25699
CWE-269
High
Moodle CVE-2020-25698 Vulnerability (CVE-2020-25698)
CVE-2020-25698
-
High
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768)
CVE-2019-10768
CWE-20
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)
CVE-2019-11041
CWE-125
High
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)
CVE-2011-2726
CWE-863
High
Drupal Improper Authentication Vulnerability (CVE-2019-10911)
CVE-2019-10911
CWE-287
High
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)
CVE-2019-10946
CWE-306
High
PostgreSQL Arbitrary Code Execution Vulnerbality (CVE-2020-25696)
CVE-2020-25696
-
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25695)
CVE-2020-25695
CWE-138
High
PostgreSQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-25694)
CVE-2020-25694
CWE-327
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644)
CVE-2020-25644
CWE-400
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3541)
CVE-2014-3541
CWE-94
High
Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2020-25630)
CVE-2020-25630
CWE-400
High
Moodle Improper Access Control Vulnerability (CVE-2020-25629)
CVE-2020-25629
CWE-284
High
CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458)
CVE-2019-11458
CWE-502
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2011-3336)
CVE-2011-3336
CWE-400
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10353)
CVE-2019-10353
CWE-352
High
Python Files or Directories Accessible to External Parties Vulnerability (CVE-2019-13404)
CVE-2019-13404
CWE-552
High
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12528)
CVE-2019-12528
CWE-200
High
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12830)
CVE-2019-12830
CWE-707
High
MyBB Improper Input Validation Vulnerability (CVE-2019-12831)
CVE-2019-12831
CWE-20
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-12854)
CVE-2019-12854
CWE-119
High
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2019-12855)
CVE-2019-12855
CWE-295
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12872)
CVE-2019-12872
CWE-138
High
Oracle JRE CVE-2014-2428 Vulnerability (CVE-2014-2428)
CVE-2014-2428
-
High
Oracle JRE CVE-2014-2427 Vulnerability (CVE-2014-2427)
CVE-2014-2427
-
High
Oracle JRE CVE-2014-2423 Vulnerability (CVE-2014-2423)
CVE-2014-2423
-
High
PrestaShop Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-13461)
CVE-2019-13461
CWE-639
High
Squid Improper Input Validation Vulnerability (CVE-2019-12520)
CVE-2019-12520
CWE-20
High
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-24400)
CVE-2020-24400
CWE-138
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14232)
CVE-2019-14232
CWE-400
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14233)
CVE-2019-14233
CWE-400
High
Django Uncontrolled Recursion Vulnerability (CVE-2019-14235)
CVE-2019-14235
CWE-674
High
Oracle JRE CVE-2014-2414 Vulnerability (CVE-2014-2414)
CVE-2014-2414
-
High
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-14322)
CVE-2019-14322
CWE-22
High
Oracle JRE CVE-2014-2412 Vulnerability (CVE-2014-2412)
CVE-2014-2412
-
High
Oracle Database Server CVE-2014-2406 Vulnerability (CVE-2014-2406)
CVE-2014-2406
-
High
EspoCRM Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2019-14351)
CVE-2019-14351
CWE-307
High
Oracle JRE CVE-2014-2402 Vulnerability (CVE-2014-2402)
CVE-2014-2402
-
High
Squid Out-of-bounds Write Vulnerability (CVE-2019-12527)
CVE-2019-12527
CWE-787
High
MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474)
CVE-2019-12474
-
High
ProjectSend Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-11492)
CVE-2019-11492
CWE-532
High
TYPO3 Improper Input Validation Vulnerability (CVE-2019-11832)
CVE-2019-11832
CWE-20
High
Django Incorrect Default Permissions Vulnerability (CVE-2020-24584)
CVE-2020-24584
CWE-276
High
Django Incorrect Default Permissions Vulnerability (CVE-2020-24583)
CVE-2020-24583
CWE-276
High
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24554)
CVE-2020-24554
CWE-601
High
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3379)
CVE-2011-3379
CWE-94
High
Jboss EAP Other Vulnerability (CVE-2014-3490)
CVE-2014-3490
-
High
GlassFish CVE-2011-3559 Vulnerability (CVE-2011-3559)
CVE-2011-3559
-
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3483)
CVE-2014-3483
CWE-138
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3482)
CVE-2014-3482
CWE-138
High
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613)
CVE-2011-3613
CWE-200
High
Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)
CVE-2011-3629
CWE-326
High
MediaWiki CVE-2019-12473 Vulnerability (CVE-2019-12473)
CVE-2019-12473
-
High
PHPFusion Code Execution Vulnerability (CVE-2019-12099)
CVE-2019-12099
-
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169)
CVE-2019-12169
CWE-434
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170)
CVE-2019-12170
CWE-434
High
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385)
CVE-2019-12385
CWE-138
High
Magento CVE-2019-8229 Vulnerability (CVE-2019-8229)
CVE-2019-8229
-
High
Apache Tomcat Insufficiently Protected Credentials Vulnerability (CVE-2019-12418)
CVE-2019-12418
CWE-522
High
«
1
...
165
166
167
...
314
»