Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23168 vulnerabilities in this category.

Critical: 1485 High: 12484 Medium: 8421 Low: 774 Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5622)
CVE-2015-5622
CWE-707
Low
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4344)
CVE-2011-4344
CWE-707
Low
MySQL CVE-2021-35618 Vulnerability (CVE-2021-35618)
CVE-2021-35618
-
Low
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49583)
CVE-2025-49583
CWE-357
Low
Jboss EAP Other Vulnerability (CVE-2010-4265)
CVE-2010-4265
-
Low
MySQL CVE-2022-21484 Vulnerability (CVE-2022-21484)
CVE-2022-21484
-
Low
TYPO3 Unverified Password Change Vulnerability (CVE-2025-47938)
CVE-2025-47938
CWE-620
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2204)
CVE-2011-2204
CWE-200
Low
Oracle Database Server Improper Access Control Vulnerability (CVE-2025-61749)
CVE-2025-61749
CWE-284
Low
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43841)
CVE-2021-43841
CWE-707
Low
MySQL CVE-2022-21486 Vulnerability (CVE-2022-21486)
CVE-2022-21486
-
Low
MySQL CVE-2022-21485 Vulnerability (CVE-2022-21485)
CVE-2022-21485
-
Low
Cherokee Cryptographic Issues Vulnerability (CVE-2011-2190)
CVE-2011-2190
-
Low
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0701)
CVE-2016-0701
CWE-200
Low
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62184)
CVE-2025-62184
CWE-707
Low
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1949)
CVE-2011-1949
CWE-707
Low
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980)
CVE-2021-43980
CWE-362
Low
OpenSSL Cryptographic Issues Vulnerability (CVE-2011-1945)
CVE-2011-1945
-
Low
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0827)
CVE-2012-0827
CWE-264
Low
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4883)
CVE-2010-4883
CWE-707
Low
Oracle JRE Improper Access Control Vulnerability (CVE-2025-61748)
CVE-2025-61748
CWE-284
Low
MediaWiki Improper Input Validation Vulnerability (CVE-2011-1580)
CVE-2011-1580
CWE-20
Low
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0976)
CVE-2012-0976
CWE-707
Low
Oracle Database Server CVE-2011-2322 Vulnerability (CVE-2011-2322)
CVE-2011-2322
-
Low
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-3635)
CVE-2025-3635
CWE-352
Low
Joomla CVE-2017-14595 Vulnerability (CVE-2017-14595)
CVE-2017-14595
-
Low
silverstripeCMS Credentials Management Errors Vulnerability (CVE-2010-5092)
CVE-2010-5092
-
Low
MediaWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-61634)
CVE-2025-61634
CWE-22
Low
Moodle Use of GET Request Method With Sensitive Query Strings Vulnerability (CVE-2025-3637)
CVE-2025-3637
CWE-598
Low
Liferay Portal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1503)
CVE-2011-1503
CWE-200
Low
Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-49005)
CVE-2025-49005
-
Low
WebLogic CVE-2016-0688 Vulnerability (CVE-2016-0688)
CVE-2016-0688
-
Low
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1570)
CVE-2011-1570
CWE-707
Low
Oracle HTTP Server CVE-2016-0671 Vulnerability (CVE-2016-0671)
CVE-2016-0671
-
Low
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0800)
CVE-2012-0800
CWE-200
Low
Oracle Database Server CVE-2011-2243 Vulnerability (CVE-2011-2243)
CVE-2011-2243
-
Low
Oracle Database Server CVE-2011-2242 Vulnerability (CVE-2011-2242)
CVE-2011-2242
-
Low
Oracle Database Server CVE-2011-2240 Vulnerability (CVE-2011-2240)
CVE-2011-2240
-
Low
Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2012-1160)
CVE-2012-1160
CWE-732
Low
MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)
CVE-2022-21355
-
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Low
MySQL CVE-2025-50098 Vulnerability (CVE-2025-50098)
CVE-2025-50098
-
Low
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-22007)
CVE-2026-22007
CWE-200
Low
MySQL CVE-2022-21319 Vulnerability (CVE-2022-21319)
CVE-2022-21319
-
Low
MySQL CVE-2022-21320 Vulnerability (CVE-2022-21320)
CVE-2022-21320
-
Low
Oracle Database Server CVE-2011-3511 Vulnerability (CVE-2011-3511)
CVE-2011-3511
-
Low
MySQL CVE-2025-50100 Vulnerability (CVE-2025-50100)
CVE-2025-50100
-
Low
MySQL CVE-2022-21321 Vulnerability (CVE-2022-21321)
CVE-2022-21321
-
Low
MediaWiki Improper Access Control Vulnerability (CVE-2015-8001)
CVE-2015-8001
CWE-284
Low
Oracle JRE Execution with Unnecessary Privileges Vulnerability (CVE-2026-22008)
CVE-2026-22008
CWE-250
Low
Drupal Resource Management Errors Vulnerability (CVE-2012-1588)
CVE-2012-1588
-
Low
MySQL CVE-2022-21323 Vulnerability (CVE-2022-21323)
CVE-2022-21323
-
Low
MySQL CVE-2022-21325 Vulnerability (CVE-2022-21325)
CVE-2022-21325
-
Low
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2026-21727)
CVE-2026-21727
CWE-732
Low
Grafana Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2026-21725)
CVE-2026-21725
CWE-367
Low
Apache Tomcat Other Vulnerability (CVE-2010-3718)
CVE-2010-3718
-
Low
Jetty Insufficient Session Expiration Vulnerability (CVE-2021-34428)
CVE-2021-34428
CWE-613
Low
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1606)
CVE-2012-1606
CWE-707
Low
MySQL CVE-2016-0598 Vulnerability (CVE-2016-0598)
CVE-2016-0598
-
Low
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1613)
CVE-2012-1613
CWE-707
Low
MySQL CVE-2015-4895 Vulnerability (CVE-2015-4895)
CVE-2015-4895
-
Low
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1029)
CVE-2011-1029
CWE-707
Low
MySQL CVE-2021-35640 Vulnerability (CVE-2021-35640)
CVE-2021-35640
-
Low
MySQL CVE-2015-4910 Vulnerability (CVE-2015-4910)
CVE-2015-4910
-
Low
MySQL CVE-2015-4913 Vulnerability (CVE-2015-4913)
CVE-2015-4913
-
Low
Oracle Database Server CVE-2017-10120 Vulnerability (CVE-2017-10120)
CVE-2017-10120
-
Low
IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-4946)
CVE-2015-4946
CWE-264
Low
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50104)
CVE-2025-50104
CWE-400
Low
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-4962)
CVE-2015-4962
CWE-200
Low
Moodle Incorrect Authorization Vulnerability (CVE-2022-0333)
CVE-2022-0333
CWE-863
Low
MySQL CVE-2022-21311 Vulnerability (CVE-2022-21311)
CVE-2022-21311
-
Low
Oracle JRE Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-22018)
CVE-2026-22018
CWE-770
Low
MySQL CVE-2022-21312 Vulnerability (CVE-2022-21312)
CVE-2022-21312
-
Low
Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8105)
CVE-2015-8105
-
Low
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5304)
CVE-2015-5304
CWE-264
Low