Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23168 vulnerabilities in this category.

Critical: 1485 High: 12484 Medium: 8421 Low: 774 Information: 4
Vulnerability Name
CVE
CWE
Severity
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4271)
CVE-2022-4271
CWE-707
Medium
OpenSSL Observable Discrepancy Vulnerability (CVE-2022-4304)
CVE-2022-4304
CWE-203
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4407)
CVE-2022-4407
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4408)
CVE-2022-4408
CWE-707
Medium
MySQL CVE-2021-2001 Vulnerability (CVE-2021-2001)
CVE-2021-2001
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48007)
CVE-2022-48007
CWE-707
Medium
MySQL CVE-2021-2016 Vulnerability (CVE-2021-2016)
CVE-2021-2016
-
Medium
PHP Out-of-bounds Write Vulnerability (CVE-2022-4900)
CVE-2022-4900
CWE-787
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-45149)
CVE-2022-45149
CWE-352
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44950)
CVE-2022-44950
CWE-707
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44951)
CVE-2022-44951
CWE-707
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44952)
CVE-2022-44952
CWE-707
Medium
MySQL CVE-2021-2032 Vulnerability (CVE-2021-2032)
CVE-2021-2032
-
Medium
MySQL CVE-2021-2031 Vulnerability (CVE-2021-2031)
CVE-2021-2031
-
Medium
MySQL CVE-2021-2030 Vulnerability (CVE-2021-2030)
CVE-2021-2030
-
Medium
MySQL CVE-2021-2028 Vulnerability (CVE-2021-2028)
CVE-2021-2028
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45150)
CVE-2022-45150
CWE-707
Medium
MySQL CVE-2021-2020 Vulnerability (CVE-2021-2020)
CVE-2021-2020
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45151)
CVE-2022-45151
CWE-707
Medium
MySQL CVE-2021-2024 Vulnerability (CVE-2021-2024)
CVE-2021-2024
-
Medium
Liferay DXP CVE-2022-45320 Vulnerability (CVE-2022-45320)
CVE-2022-45320
-
Medium
Liferay Portal CVE-2022-45320 Vulnerability (CVE-2022-45320)
CVE-2022-45320
-
Medium
MySQL CVE-2021-2022 Vulnerability (CVE-2021-2022)
CVE-2021-2022
-
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45783)
CVE-2022-45783
CWE-22
Medium
MySQL CVE-2021-2021 Vulnerability (CVE-2021-2021)
CVE-2021-2021
-
Medium
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-46158)
CVE-2022-46158
CWE-200
Medium
IBM RTC Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-29786)
CVE-2021-29786
CWE-312
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4973)
CVE-2022-4973
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29044)
CVE-2021-29044
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0787)
CVE-2023-0787
CWE-707
Medium
PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567)
CVE-2023-0567
CWE-916
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0594)
CVE-2023-0594
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606)
CVE-2023-0606
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0607)
CVE-2023-0607
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-29052)
CVE-2021-29052
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29051)
CVE-2021-29051
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0786)
CVE-2023-0786
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29049)
CVE-2021-29049
CWE-707
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0466)
CVE-2023-0466
CWE-295
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29048)
CVE-2021-29048
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0791)
CVE-2023-0791
CWE-707
Medium
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0792)
CVE-2023-0792
CWE-94
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29046)
CVE-2021-29046
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0794)
CVE-2023-0794
CWE-707
Medium
phpMyFAQ Misinterpretation of Input Vulnerability (CVE-2023-0880)
CVE-2023-0880
CWE-115
Medium
Wordpress Plugin Backup Migration Missing Authorization Vulnerability (CVE-2023-0958)
CVE-2023-0958
CWE-862
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29045)
CVE-2021-29045
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0507)
CVE-2023-0507
CWE-707
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0465)
CVE-2023-0465
CWE-295
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-50905)
CVE-2022-50905
CWE-707
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-29450)
CVE-2021-29450
CWE-200
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-50906)
CVE-2022-50906
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29713)
CVE-2021-29713
CWE-707
Medium
IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-29701)
CVE-2021-29701
CWE-668
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29673)
CVE-2021-29673
CWE-707
Medium
ownCloud Incorrect Authorization Vulnerability (CVE-2021-29659)
CVE-2021-29659
CWE-863
Medium
Highcharts JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29489)
CVE-2021-29489
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29459)
CVE-2021-29459
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0306)
CVE-2023-0306
CWE-707
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29159)
CVE-2021-29159
CWE-707
Medium
WordPress Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-29447)
CVE-2021-29447
CWE-611
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0308)
CVE-2023-0308
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0309)
CVE-2023-0309
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0310)
CVE-2023-0310
CWE-707
Medium
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29425)
CVE-2021-29425
CWE-22
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0312)
CVE-2023-0312
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0313)
CVE-2023-0313
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0314)
CVE-2023-0314
CWE-707
Medium
EspoCRM Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-52892)
CVE-2025-52892
-
Medium
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-43809)
CVE-2025-43809
CWE-352
Medium
Moodle Session Fixation Vulnerability (CVE-2025-53021)
CVE-2025-53021
CWE-384
Medium
Oracle JRE CVE-2018-2641 Vulnerability (CVE-2018-2641)
CVE-2018-2641
-
Medium
MySQL CVE-2018-2668 Vulnerability (CVE-2018-2668)
CVE-2018-2668
-
Medium
MySQL CVE-2018-2667 Vulnerability (CVE-2018-2667)
CVE-2018-2667
-
Medium
MySQL CVE-2018-2665 Vulnerability (CVE-2018-2665)
CVE-2018-2665
-
Medium