🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23168 vulnerabilities
in this category.
Critical: 1485
High: 12484
Medium: 8421
Low: 774
Information: 4
Vulnerability Name
CVE
CWE
Severity
MySQL CVE-2018-3054 Vulnerability (CVE-2018-3054)
CVE-2018-3054
-
Medium
Oracle Database Server CVE-2018-3004 Vulnerability (CVE-2018-3004)
CVE-2018-3004
-
Medium
WebLogic CVE-2018-2998 Vulnerability (CVE-2018-2998)
CVE-2018-2998
-
Medium
WebLogic CVE-2018-2987 Vulnerability (CVE-2018-2987)
CVE-2018-2987
-
Medium
Java Unspesificed Vulnerability (CVE-2018-2973)
CVE-2018-2973
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20153)
CVE-2018-20153
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20150)
CVE-2018-20150
CWE-707
Medium
MySQL CVE-2018-3283 Vulnerability (CVE-2018-3283)
CVE-2018-3283
-
Medium
Django Insufficiently Protected Credentials Vulnerability (CVE-2018-16984)
CVE-2018-16984
CWE-522
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17302)
CVE-2018-17302
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17301)
CVE-2018-17301
CWE-707
Medium
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-17189)
CVE-2018-17189
CWE-400
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17128)
CVE-2018-17128
CWE-707
Medium
PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17082)
CVE-2018-17082
CWE-707
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
CVE-2018-17081
CWE-352
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17003)
CVE-2018-17003
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16980)
CVE-2018-16980
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423)
CVE-2018-17423
CWE-707
Medium
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-16845)
CVE-2018-16845
CWE-835
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16808)
CVE-2018-16808
CWE-707
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16619)
CVE-2018-16619
CWE-707
Medium
Lodash CVE-2018-16487 Vulnerability (CVE-2018-16487)
CVE-2018-16487
-
Medium
Ruby on Rails CVE-2018-16477 Vulnerability (CVE-2018-16477)
CVE-2018-16477
-
Medium
Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16410)
CVE-2018-16410
CWE-138
Medium
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16397)
CVE-2018-16397
CWE-434
Medium
Dot CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-17422)
CVE-2018-17422
CWE-601
Medium
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17571)
CVE-2018-17571
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381)
CVE-2018-16381
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18624)
CVE-2018-18624
CWE-707
Medium
MathJax Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999024)
CVE-2018-1999024
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999007)
CVE-2018-1999007
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)
CVE-2018-1999006
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999005)
CVE-2018-1999005
CWE-707
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999004)
CVE-2018-1999004
CWE-863
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999003)
CVE-2018-1999003
CWE-863
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18625)
CVE-2018-18625
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18623)
CVE-2018-18623
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17784)
CVE-2018-17784
CWE-707
Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405)
CVE-2018-18405
CWE-707
Medium
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288)
CVE-2018-18288
CWE-601
Medium
Next.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18282)
CVE-2018-18282
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17960)
CVE-2018-17960
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17866)
CVE-2018-17866
CWE-707
Medium
Joomla CVE-2018-17859 Vulnerability (CVE-2018-17859)
CVE-2018-17859
-
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2018-17857)
CVE-2018-17857
CWE-863
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389)
CVE-2018-16389
CWE-138
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16358)
CVE-2018-16358
CWE-707
Medium
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1999044)
CVE-2018-1999044
CWE-835
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13387)
CVE-2018-13387
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13403)
CVE-2018-13403
CWE-707
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402)
CVE-2018-13402
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
CVE-2018-13401
CWE-601
Medium
Atlassian Jira Improper Privilege Management Vulnerability (CVE-2018-13400)
CVE-2018-13400
CWE-269
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13395)
CVE-2018-13395
CWE-707
Medium
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13391)
CVE-2018-13391
CWE-200
Medium
Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389)
CVE-2018-13389
CWE-20
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13258)
CVE-2018-13258
CWE-200
Medium
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13422)
CVE-2018-13422
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13136)
CVE-2018-13136
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12711)
CVE-2018-12711
CWE-707
Medium
Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12615)
CVE-2018-12615
CWE-732
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12581)
CVE-2018-12581
CWE-707
Medium
Jetty CVE-2018-12536 Vulnerability (CVE-2018-12536)
CVE-2018-12536
-
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12100)
CVE-2018-12100
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12099)
CVE-2018-12099
CWE-707
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13404)
CVE-2018-13404
CWE-918
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13423)
CVE-2018-13423
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16277)
CVE-2018-16277
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14631)
CVE-2018-14631
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-15880)
CVE-2018-15880
CWE-707
Medium
Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2018-15833)
CVE-2018-15833
CWE-639
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-15605)
CVE-2018-15605
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-15596)
CVE-2018-15596
CWE-707
Medium
PHP Out-of-bounds Read Vulnerability (CVE-2018-14851)
CVE-2018-14851
CWE-125
Medium
Drupal CVE-2018-14773 Vulnerability (CVE-2018-14773)
CVE-2018-14773
-
Medium
«
1
...
271
272
273
...
309
»
