🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23168 vulnerabilities
in this category.
Critical: 1485
High: 12484
Medium: 8421
Low: 774
Information: 4
Vulnerability Name
CVE
CWE
Severity
SharePoint CVE-2020-0977 Vulnerability (CVE-2020-0977)
CVE-2020-0977
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-67477)
CVE-2025-67477
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0978)
CVE-2020-0978
CWE-707
Medium
MediaWiki Improper Input Validation Vulnerability (CVE-2025-67480)
CVE-2025-67480
CWE-20
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-67481)
CVE-2025-67481
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-67483)
CVE-2025-67483
CWE-707
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15695)
CVE-2020-15695
CWE-352
Medium
Joomla Improper Input Validation Vulnerability (CVE-2020-10240)
CVE-2020-10240
CWE-20
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15562)
CVE-2020-15562
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10242)
CVE-2020-10242
CWE-707
Medium
ownCloud Improper Authentication Vulnerability (CVE-2020-10254)
CVE-2020-10254
CWE-287
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0894)
CVE-2020-0894
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0891)
CVE-2020-0891
CWE-707
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447)
CVE-2019-8447
CWE-352
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9711)
CVE-2019-9711
CWE-707
Medium
Atlassian Jira CVE-2019-8448 Vulnerability (CVE-2019-8448)
CVE-2019-8448
-
Medium
Atlassian Jira Missing Authentication for Critical Function Vulnerability (CVE-2019-8449)
CVE-2019-8449
CWE-306
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8450)
CVE-2019-8450
CWE-707
Medium
Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-15810)
CVE-2020-15810
CWE-444
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451)
CVE-2019-8451
CWE-918
Medium
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2025-64527)
CVE-2025-64527
CWE-476
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935)
CVE-2019-8935
CWE-707
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8943)
CVE-2019-8943
CWE-22
Medium
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
CVE-2019-9516
CWE-770
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700)
CVE-2020-15700
CWE-352
Medium
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
CVE-2019-9516
CWE-770
Medium
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
CVE-2019-9516
CWE-770
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9554)
CVE-2019-9554
CWE-707
Medium
Envoy Proxy Protection Mechanism Failure Vulnerability (CVE-2025-64763)
CVE-2025-64763
CWE-693
Medium
Python Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2019-9947)
CVE-2019-9947
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9712)
CVE-2019-9712
CWE-707
Medium
Apache HTTP Server Improper Neutralization of Escape, Meta, or Control Sequences Vulnerability (CVE-2025-65082)
CVE-2025-65082
CWE-150
Medium
Joomla Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-15699)
CVE-2020-15699
CWE-345
Medium
Contao Insufficient Type Distinction Vulnerability (CVE-2025-65960)
CVE-2025-65960
CWE-351
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-65961)
CVE-2025-65961
CWE-707
Medium
OpenSSL Memory Allocation with Excessive Size Value Vulnerability (CVE-2025-66199)
CVE-2025-66199
CWE-789
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9714)
CVE-2019-9714
CWE-707
Medium
Apache HTTP Server Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-66200)
CVE-2025-66200
CWE-288
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15698)
CVE-2020-15698
CWE-200
Medium
Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability (CVE-2025-66221)
CVE-2025-66221
CWE-67
Medium
Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-66412)
CVE-2025-66412
CWE-707
Medium
Python Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2019-9740)
CVE-2019-9740
CWE-707
Medium
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-66447)
CVE-2025-66447
CWE-601
Medium
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-42034)
CVE-2026-42034
CWE-770
Medium
Angular Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-41423)
CVE-2026-41423
CWE-918
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7939)
CVE-2019-7939
CWE-707
Medium
Chamilo Observable Response Discrepancy Vulnerability (CVE-2026-30876)
CVE-2026-30876
CWE-204
Medium
phpMyFAQ CVE-2026-24420 Vulnerability (CVE-2026-24420)
CVE-2026-24420
-
Medium
phpMyFAQ Missing Authorization Vulnerability (CVE-2026-24421)
CVE-2026-24421
CWE-862
Medium
MySQL CVE-2020-14568 Vulnerability (CVE-2020-14568)
CVE-2020-14568
-
Medium
MySQL CVE-2020-14812 Vulnerability (CVE-2020-14812)
CVE-2020-14812
-
Medium
MySQL CVE-2020-14809 Vulnerability (CVE-2020-14809)
CVE-2020-14809
-
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14572)
CVE-2020-14572
CWE-707
Medium
MySQL CVE-2020-14804 Vulnerability (CVE-2020-14804)
CVE-2020-14804
-
Medium
Java Unspesificed Vulnerability (CVE-2020-14803)
CVE-2020-14803
-
Medium
MySQL CVE-2020-14575 Vulnerability (CVE-2020-14575)
CVE-2020-14575
-
Medium
MySQL CVE-2020-14576 Vulnerability (CVE-2020-14576)
CVE-2020-14576
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-25491)
CVE-2026-25491
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-30882)
CVE-2026-30882
CWE-707
Medium
MySQL CVE-2020-14586 Vulnerability (CVE-2020-14586)
CVE-2020-14586
-
Medium
MySQL CVE-2020-14567 Vulnerability (CVE-2020-14567)
CVE-2020-14567
-
Medium
Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-2950)
CVE-2026-2950
CWE-1321
Medium
MySQL CVE-2020-14591 Vulnerability (CVE-2020-14591)
CVE-2020-14591
-
Medium
MySQL CVE-2020-14597 Vulnerability (CVE-2020-14597)
CVE-2020-14597
-
Medium
MySQL CVE-2020-14614 Vulnerability (CVE-2020-14614)
CVE-2020-14614
-
Medium
MySQL CVE-2020-14619 Vulnerability (CVE-2020-14619)
CVE-2020-14619
-
Medium
MySQL CVE-2020-14620 Vulnerability (CVE-2020-14620)
CVE-2020-14620
-
Medium
Craft CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-25492)
CVE-2026-25492
CWE-918
Medium
PostgreSQL Improper Validation of Specified Type of Input Vulnerability (CVE-2026-2003)
CVE-2026-2003
CWE-1287
Medium
Craft CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-25493)
CVE-2026-25493
CWE-918
Medium
Oracle JRE CVE-2020-14621 Vulnerability (CVE-2020-14621)
CVE-2020-14621
-
Medium
WebLogic CVE-2020-14622 Vulnerability (CVE-2020-14622)
CVE-2020-14622
-
Medium
MySQL CVE-2020-14623 Vulnerability (CVE-2020-14623)
CVE-2020-14623
-
Medium
MySQL CVE-2020-14624 Vulnerability (CVE-2020-14624)
CVE-2020-14624
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-31859)
CVE-2026-31859
CWE-707
Medium
«
1
...
289
290
291
...
309
»
