🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23101 vulnerabilities
in this category.
Critical: 1474
High: 12458
Medium: 8395
Low: 770
Information: 4
Vulnerability Name
CVE
CWE
Severity
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4209)
CVE-2010-4209
CWE-707
Medium
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4257)
CVE-2010-4257
CWE-138
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4329)
CVE-2010-4329
CWE-707
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-4627)
CVE-2010-4627
CWE-352
Medium
PHP Numeric Errors Vulnerability (CVE-2010-4409)
CVE-2010-4409
-
Medium
Oracle Database Server CVE-2010-4413 Vulnerability (CVE-2010-4413)
CVE-2010-4413
-
Medium
Oracle Database Server CVE-2010-4421 Vulnerability (CVE-2010-4421)
CVE-2010-4421
-
Medium
Oracle Database Server CVE-2010-4423 Vulnerability (CVE-2010-4423)
CVE-2010-4423
-
Medium
GlassFish CVE-2010-4438 Vulnerability (CVE-2010-4438)
CVE-2010-4438
-
Medium
WebLogic CVE-2010-4453 Vulnerability (CVE-2010-4453)
CVE-2010-4453
-
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4480)
CVE-2010-4480
CWE-707
Medium
phpMyAdmin Improper Authentication Vulnerability (CVE-2010-4481)
CVE-2010-4481
CWE-287
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4522)
CVE-2010-4522
CWE-707
Medium
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4534)
CVE-2010-4534
CWE-264
Medium
Django Improper Input Validation Vulnerability (CVE-2010-4535)
CVE-2010-4535
CWE-20
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4536)
CVE-2010-4536
CWE-707
Medium
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-4625)
CVE-2010-4625
CWE-200
Medium
MyBB Cryptographic Issues Vulnerability (CVE-2010-4626)
CVE-2010-4626
-
Medium
WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000868)
CVE-2018-1000868
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1113)
CVE-2017-1113
CWE-707
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2018-1000873)
CVE-2018-1000873
CWE-20
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425)
CVE-2022-27425
CWE-707
Medium
Oracle HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2022-25313)
CVE-2022-25313
CWE-400
Medium
ownCloud Other Vulnerability (CVE-2022-25338)
CVE-2022-25338
-
Medium
ownCloud Other Vulnerability (CVE-2022-25339)
CVE-2022-25339
-
Medium
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25869)
CVE-2022-25869
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26593)
CVE-2022-26593
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26594)
CVE-2022-26594
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-26595)
CVE-2022-26595
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26596)
CVE-2022-26596
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-26597)
CVE-2022-26597
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422)
CVE-2022-27422
CWE-707
Medium
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27907)
CVE-2022-27907
CWE-918
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25276)
CVE-2022-25276
CWE-707
Medium
Joomla CVE-2022-27911 Vulnerability (CVE-2022-27911)
CVE-2022-27911
-
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-27912)
CVE-2022-27912
CWE-200
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27913)
CVE-2022-27913
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27914)
CVE-2022-27914
CWE-707
Medium
MediaWiki Uncontrolled Recursion Vulnerability (CVE-2022-28201)
CVE-2022-28201
CWE-674
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28202)
CVE-2022-28202
CWE-707
Medium
Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)
CVE-2022-28330
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378)
CVE-2022-28378
CWE-707
Medium
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
CVE-2022-28614
-
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28803)
CVE-2022-28803
CWE-707
Medium
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923)
CVE-2022-28923
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
CVE-2022-28977
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
CVE-2022-28977
CWE-601
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28978)
CVE-2022-28978
CWE-707
Medium
Drupal CVE-2022-25278 Vulnerability (CVE-2022-25278)
CVE-2022-25278
-
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25274)
CVE-2022-25274
CWE-863
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28979)
CVE-2022-28979
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23808)
CVE-2022-23808
CWE-707
Medium
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616)
CVE-2022-23616
CWE-138
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-23617)
CVE-2022-23617
CWE-862
Medium
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618)
CVE-2022-23618
CWE-601
Medium
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620)
CVE-2022-23620
CWE-116
Medium
XWiki Files or Directories Accessible to External Parties Vulnerability (CVE-2022-23621)
CVE-2022-23621
CWE-552
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23622)
CVE-2022-23622
CWE-707
Medium
Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633)
CVE-2022-23633
-
Medium
Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634)
CVE-2022-23634
-
Medium
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2022-23794)
CVE-2022-23794
CWE-209
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23796)
CVE-2022-23796
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23800)
CVE-2022-23800
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23801)
CVE-2022-23801
CWE-707
Medium
phpMyAdmin Improper Authentication Vulnerability (CVE-2022-23807)
CVE-2022-23807
CWE-287
Medium
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871)
CVE-2022-23871
CWE-707
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)
CVE-2022-25270
CWE-863
Medium
MongoDb Reachable Assertion Vulnerability (CVE-2022-24272)
CVE-2022-24272
CWE-617
Medium
silverstripeCMS Session Fixation Vulnerability (CVE-2022-24444)
CVE-2022-24444
CWE-384
Medium
SharePoint CVE-2022-24472 Vulnerability (CVE-2022-24472)
CVE-2022-24472
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24620)
CVE-2022-24620
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Medium
«
1
...
245
246
247
...
309
»
