Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23168 vulnerabilities in this category.

Critical: 1485 High: 12484 Medium: 8421 Low: 774 Information: 4
Vulnerability Name
CVE
CWE
Severity
WebLogic CVE-2020-14637 Vulnerability (CVE-2020-14637)
CVE-2020-14637
-
Medium
WebLogic CVE-2020-14638 Vulnerability (CVE-2020-14638)
CVE-2020-14638
-
Medium
WebLogic CVE-2020-14640 Vulnerability (CVE-2020-14640)
CVE-2020-14640
-
Medium
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14641)
CVE-2020-14641
CWE-200
Medium
PrestaShop Observable Timing Discrepancy Vulnerability (CVE-2026-25597)
CVE-2026-25597
CWE-208
Medium
MySQL CVE-2020-14651 Vulnerability (CVE-2020-14651)
CVE-2020-14651
-
Medium
Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-27970)
CVE-2026-27970
CWE-707
Medium
WebLogic CVE-2020-14652 Vulnerability (CVE-2020-14652)
CVE-2020-14652
-
Medium
MySQL CVE-2020-14654 Vulnerability (CVE-2020-14654)
CVE-2020-14654
-
Medium
Grafana Uncontrolled Resource Consumption Vulnerability (CVE-2026-28375)
CVE-2026-28375
CWE-400
Medium
MySQL CVE-2020-14656 Vulnerability (CVE-2020-14656)
CVE-2020-14656
-
Medium
MySQL CVE-2020-14672 Vulnerability (CVE-2020-14672)
CVE-2020-14672
-
Medium
MongoDb Missing Authorization Vulnerability (CVE-2026-25609)
CVE-2026-25609
CWE-862
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-28343)
CVE-2026-28343
CWE-707
Medium
MySQL CVE-2020-14680 Vulnerability (CVE-2020-14680)
CVE-2020-14680
-
Medium
MongoDb Reachable Assertion Vulnerability (CVE-2026-25610)
CVE-2026-25610
CWE-617
Medium
MongoDb Incorrect Type Conversion or Cast Vulnerability (CVE-2026-25613)
CVE-2026-25613
CWE-704
Medium
Next.js Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2026-27978)
CVE-2026-27978
CWE-352
Medium
Next.js Missing Origin Validation in WebSockets Vulnerability (CVE-2026-27977)
CVE-2026-27977
-
Medium
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-25854)
CVE-2026-25854
CWE-601
Medium
Python Uncontrolled Resource Consumption Vulnerability (CVE-2020-14422)
CVE-2020-14422
CWE-400
Medium
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2026-33007)
CVE-2026-33007
CWE-476
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15073)
CVE-2020-15073
CWE-707
Medium
MySQL CVE-2020-14891 Vulnerability (CVE-2020-14891)
CVE-2020-14891
-
Medium
Pega Infinity Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2026-1564)
CVE-2026-1564
CWE-707
Medium
concrete5 CVE-2020-14961 Vulnerability (CVE-2020-14961)
CVE-2020-14961
-
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-35539)
CVE-2026-35539
CWE-707
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-1711)
CVE-2026-1711
CWE-707
Medium
Django Use of Persistent Cookies Containing Sensitive Information Vulnerability (CVE-2026-35192)
CVE-2026-35192
CWE-539
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-34974)
CVE-2026-34974
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-34729)
CVE-2026-34729
CWE-707
Medium
Apache HTTP Server Missing Authorization Vulnerability (CVE-2020-13938)
CVE-2020-13938
CWE-862
Medium
Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943)
CVE-2020-13943
-
Medium
Apache Tomcat Improper Authentication Vulnerability (CVE-2026-34500)
CVE-2026-34500
CWE-287
Medium
WebLogic CVE-2020-13956 Vulnerability (CVE-2020-13956)
CVE-2020-13956
-
Medium
MySQL CVE-2020-14893 Vulnerability (CVE-2020-14893)
CVE-2020-14893
-
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13964)
CVE-2020-13964
CWE-707
Medium
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35540)
CVE-2026-35540
CWE-669
Medium
Chamilo Improper Authorization Vulnerability (CVE-2026-34370)
CVE-2026-34370
CWE-285
Medium
MySQL CVE-2020-14888 Vulnerability (CVE-2020-14888)
CVE-2020-14888
-
Medium
MySQL Observable Response Discrepancy Vulnerability (CVE-2026-34319)
CVE-2026-34319
CWE-204
Medium
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-34318)
CVE-2026-34318
CWE-200
Medium
MySQL Improper Resource Shutdown or Release Vulnerability (CVE-2026-34317)
CVE-2026-34317
CWE-404
Medium
WebLogic Improper Authorization Vulnerability (CVE-2026-34315)
CVE-2026-34315
CWE-285
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13965)
CVE-2020-13965
CWE-707
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13980)
CVE-2020-13980
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14012)
CVE-2020-14012
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-20945)
CVE-2026-20945
CWE-707
Medium
MySQL CVE-2020-14873 Vulnerability (CVE-2020-14873)
CVE-2020-14873
-
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-34161)
CVE-2026-34161
CWE-707
Medium
Squid Improper Synchronization Vulnerability (CVE-2020-14059)
CVE-2020-14059
CWE-662
Medium
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-1312)
CVE-2026-1312
CWE-138
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)
CVE-2019-20901
CWE-601
Medium
Dolibarr Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Vulnerability (CVE-2026-34036)
CVE-2026-34036
-
Medium
markdown-it Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-7969)
CVE-2025-7969
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-41240)
CVE-2026-41240
CWE-707
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)
CVE-2020-13676
CWE-863
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13688)
CVE-2020-13688
CWE-707
Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-70336)
CVE-2025-70336
CWE-707
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-70811)
CVE-2025-70811
CWE-352
Medium
axios Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2026-40175)
CVE-2026-40175
CWE-707
Medium
MongoDb Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2025-7259)
CVE-2025-7259
CWE-843
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15041)
CVE-2020-15041
CWE-707
Medium
XWikiplatform Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2026-40105)
CVE-2026-40105
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13761)
CVE-2020-13761
CWE-707
Medium
Opencart Incomplete Filtering of Special Elements Vulnerability (CVE-2026-3714)
CVE-2026-3714
CWE-791
Medium
TYPO3 Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-7900)
CVE-2025-7900
CWE-639
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13762)
CVE-2020-13762
CWE-707
Medium
Pega Infinity Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-9559)
CVE-2025-9559
CWE-639
Medium
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-1287)
CVE-2026-1287
CWE-138
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-0540)
CVE-2026-0540
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13827)
CVE-2020-13827
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13828)
CVE-2020-13828
CWE-707
Medium
Serendipity Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2026-39963)
CVE-2026-39963
CWE-565
Medium
Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15011)
CVE-2020-15011
CWE-138
Medium