Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Missing Update

This page lists 22224 vulnerabilities in this category.

Critical: 1394 High: 12186 Medium: 7891 Low: 749 Information: 4
Vulnerability Name
CVE
CWE
Severity
TYPO3 Insufficient Entropy Vulnerability (CVE-2025-59015)
CVE-2025-59015
CWE-331
Medium
TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-59016)
CVE-2025-59016
CWE-209
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655)
CVE-2020-13655
CWE-707
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59018)
CVE-2025-59018
CWE-200
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59019)
CVE-2025-59019
CWE-200
Medium
Jboss EAP Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-5731)
CVE-2025-5731
CWE-209
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26083)
CVE-2021-26083
CWE-707
Medium
Apache Tomcat Session Fixation Vulnerability (CVE-2025-55668)
CVE-2025-55668
CWE-384
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13827)
CVE-2020-13827
CWE-707
Medium
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54124)
CVE-2025-54124
CWE-359
Medium
SharePoint Improper Authentication Vulnerability (CVE-2025-53771)
CVE-2025-53771
CWE-287
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13762)
CVE-2020-13762
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13761)
CVE-2020-13761
CWE-707
Medium
Apache HTTP Server Incorrect Check of Function Return Value Vulnerability (CVE-2025-54090)
CVE-2025-54090
CWE-253
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42042)
CVE-2021-42042
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42041)
CVE-2021-42041
CWE-707
Medium
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54125)
CVE-2025-54125
CWE-359
Medium
Next.js Improper Input Validation Vulnerability (CVE-2025-55173)
CVE-2025-55173
CWE-20
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13688)
CVE-2020-13688
CWE-707
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)
CVE-2020-13676
CWE-863
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)
CVE-2020-13674
CWE-352
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13672)
CVE-2020-13672
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13669)
CVE-2020-13669
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13668)
CVE-2020-13668
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42048)
CVE-2021-42048
CWE-707
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50079)
CVE-2025-50079
CWE-400
Medium
Oracle JRE CVE-2020-14556 Vulnerability (CVE-2020-14556)
CVE-2020-14556
-
Medium
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-46053)
CVE-2025-46053
CWE-138
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14320)
CVE-2020-14320
CWE-707
Medium
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-47939)
CVE-2025-47939
CWE-434
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29044)
CVE-2021-29044
CWE-707
Medium
TYPO3 Incorrect Authorization Vulnerability (CVE-2025-47937)
CVE-2025-47937
CWE-863
Medium
SharePoint CVE-2021-42294 Vulnerability (CVE-2021-42294)
CVE-2021-42294
-
Medium
TYPO3 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-47936)
CVE-2025-47936
CWE-918
Medium
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14340)
CVE-2020-14340
CWE-400
Medium
Envoy Proxy Overly Restrictive Regular Expression Vulnerability (CVE-2025-46821)
CVE-2025-46821
CWE-186
Medium
Python Uncontrolled Resource Consumption Vulnerability (CVE-2020-14422)
CVE-2020-14422
CWE-400
Medium
SharePoint Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-42309)
CVE-2021-42309
CWE-732
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14475)
CVE-2020-14475
CWE-707
Medium
SharePoint Authentication Bypass by Spoofing Vulnerability (CVE-2021-42320)
CVE-2021-42320
CWE-290
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2025-46554)
CVE-2025-46554
CWE-862
Medium
Liferay Portal Insufficiently Protected Credentials Vulnerability (CVE-2021-29043)
CVE-2021-29043
CWE-522
Medium
MySQL CVE-2020-14539 Vulnerability (CVE-2020-14539)
CVE-2020-14539
-
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42220)
CVE-2021-42220
CWE-707
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3645)
CVE-2025-3645
CWE-863
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3640)
CVE-2025-3640
CWE-639
Medium
MySQL CVE-2020-14553 Vulnerability (CVE-2020-14553)
CVE-2020-14553
-
Medium
Nexus Repository Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-42568)
CVE-2021-42568
CWE-200
Medium
MySQL CVE-2020-14550 Vulnerability (CVE-2020-14550)
CVE-2020-14550
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3643)
CVE-2025-3643
CWE-707
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3644)
CVE-2025-3644
CWE-863
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2025-3647)
CVE-2025-3647
CWE-863
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45893)
CVE-2025-45893
CWE-707
Medium
MySQL CVE-2020-14547 Vulnerability (CVE-2020-14547)
CVE-2020-14547
-
Medium
MySQL CVE-2020-14540 Vulnerability (CVE-2020-14540)
CVE-2020-14540
-
Medium
Mailman Incorrect Authorization Vulnerability (CVE-2025-43921)
CVE-2025-43921
CWE-863
Medium
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-44110)
CVE-2025-44110
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45387)
CVE-2025-45387
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45892)
CVE-2025-45892
CWE-707
Medium
Jboss EAP Improper Authentication Vulnerability (CVE-2020-14299)
CVE-2020-14299
CWE-287
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29045)
CVE-2021-29045
CWE-707
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50078)
CVE-2025-50078
CWE-400
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13964)
CVE-2020-13964
CWE-707
Medium
Squid Improper Synchronization Vulnerability (CVE-2020-14059)
CVE-2020-14059
CWE-662
Medium
SharePoint Improper Authentication Vulnerability (CVE-2025-49706)
CVE-2025-49706
CWE-287
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14012)
CVE-2020-14012
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13980)
CVE-2020-13980
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13965)
CVE-2020-13965
CWE-707
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050)
CVE-2021-42050
CWE-707
Medium
WebLogic Improper Privilege Management Vulnerability (CVE-2025-50064)
CVE-2025-50064
CWE-269
Medium
Atlassian Jira CVE-2020-14165 Vulnerability (CVE-2020-14165)
CVE-2020-14165
-
Medium
MediaWiki CVE-2021-42049 Vulnerability (CVE-2021-42049)
CVE-2021-42049
-
Medium
Oracle Database Server Improper Access Control Vulnerability (CVE-2025-50070)
CVE-2025-50070
CWE-284
Medium
WebLogic Improper Access Control Vulnerability (CVE-2025-50072)
CVE-2025-50072
CWE-284
Medium
WebLogic Improper Authorization Vulnerability (CVE-2025-50073)
CVE-2025-50073
CWE-285
Medium