Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Missing Update

This page lists 22224 vulnerabilities in this category.

Critical: 1394 High: 12186 Medium: 7891 Low: 749 Information: 4
Vulnerability Name
CVE
CWE
Severity
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29459)
CVE-2025-29459
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29458)
CVE-2025-29458
CWE-918
High
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29452)
CVE-2025-29452
CWE-918
High
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-23209)
CVE-2025-23209
CWE-94
High
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29451)
CVE-2025-29451
CWE-918
High
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-29087)
CVE-2025-29087
CWE-190
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-27747)
CVE-2025-27747
CWE-822
High
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2025-26642)
CVE-2025-26642
CWE-190
High
Moodle Files or Directories Accessible to External Parties Vulnerability (CVE-2025-26525)
CVE-2025-26525
CWE-552
High
GibbonEdu Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-26211)
CVE-2025-26211
CWE-352
High
Joomla CVE-2025-25227 Vulnerability (CVE-2025-25227)
CVE-2025-25227
-
High
Apache Tomcat Untrusted Search Path Vulnerability (CVE-2025-49124)
CVE-2025-49124
CWE-426
High
XWikiplatform Incorrect Privilege Assignment Vulnerability (CVE-2025-49580)
CVE-2025-49580
CWE-266
High
WordPress 'wp-db.php' Character Set SQL Injection Vulnerability (2.0 - 2.3.1)
CVE-2007-6318
CWE-89
High
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3)
CVE-2005-2612
CWE-94
High
WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3)
CVE-2006-4028
CWE-264
High
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
CVE-2006-2702
CWE-94
High
WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1)
-
CWE-400
High
WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5)
CVE-2005-1687
CWE-89
High
WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5)
-
CWE-79
High
WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5)
-
CWE-79
High
WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1)
CVE-2005-1810
CWE-89
High
WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
CVE-2006-6808
CWE-79
High
WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2)
CVE-2005-2110
CWE-702
High
WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2)
CVE-2004-1584
CWE-113
High
WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1)
-
CWE-79
High
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2)
-
CWE-89
High
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71)
-
CWE-89
High
WordPress 0.7 Posts SQL Injection Vulnerability (0.7)
CVE-2003-1598
CWE-89
High
WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4)
CVE-2006-6017
CWE-400
High
WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
CVE-2007-0106
CWE-79
High
TYPO3 Missing Authorization Vulnerability (CVE-2025-59017)
CVE-2025-59017
CWE-862
High
WordPress 2.2 Cross-Site Scripting Vulnerability (2.2)
CVE-2007-3238
CWE-79
High
WordPress 'templates.php' Cross-Site Scripting Vulnerability (0.6.2 - 2.1)
CVE-2007-1049
CWE-79
High
WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)
CVE-2007-0540
CWE-400
High
WordPress Cookies Security Bypass Weakness (1.5 - 2.3.1)
CVE-2007-6013
CWE-287
High
WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3)
CVE-2007-2821
CWE-89
High
WordPress 2.3.1 Unauthorized Post Access Vulnerability (2.3.1)
-
CWE-264
High
WordPress 2.3 Cross-Site Scripting Vulnerability (2.3)
CVE-2007-5710
CWE-79
High
WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1)
CVE-2007-1244
CWE-79
High
WordPress Comment Post Cross-Site Scripting Vulnerability (2.0)
CVE-2006-0733
CWE-79
High
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1)
CVE-2007-1277
CWE-94
High
WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6)
CVE-2007-0233
CWE-89
High
WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5)
CVE-2007-0107
CWE-89
High
WordPress User-Agent SQL Injection Vulnerability (1.5.2)
CVE-2006-1012
CWE-89
High
WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5)
CVE-2006-3389
CWE-89
High
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
CVE-2006-1796
CWE-79
High
WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5)
-
CWE-79
High
Jboss EAP Improper Resource Shutdown or Release Vulnerability (CVE-2025-9784)
CVE-2025-9784
CWE-404
High
XWikiplatform Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2025-58049)
CVE-2025-58049
CWE-212
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49581)
CVE-2025-49581
CWE-94
High
SharePoint Use After Free Vulnerability (CVE-2025-49703)
CVE-2025-49703
CWE-416
High
Oracle JRE Improper Access Control Vulnerability (CVE-2025-50059)
CVE-2025-50059
CWE-284
High
Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-49826)
CVE-2025-49826
-
High
Apache HTTP Server Improper Authentication Vulnerability (CVE-2025-49812)
CVE-2025-49812
CWE-287
High
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2025-49763)
CVE-2025-49763
CWE-400
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-49712)
CVE-2025-49712
CWE-502
High
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49704)
CVE-2025-49704
CWE-94
High
SharePoint Improper Authorization Vulnerability (CVE-2025-49701)
CVE-2025-49701
CWE-285
High
AbanteCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-50971)
CVE-2025-50971
CWE-22
High
Apache HTTP Server Reachable Assertion Vulnerability (CVE-2025-49630)
CVE-2025-49630
CWE-617
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49587)
CVE-2025-49587
CWE-357
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586)
CVE-2025-49586
CWE-863
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49585)
CVE-2025-49585
CWE-357
High
XWikiplatform Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-49584)
CVE-2025-49584
CWE-201
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49582)
CVE-2025-49582
CWE-357
High
Oracle JRE CVE-2025-50106 Vulnerability (CVE-2025-50106)
CVE-2025-50106
-
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-51991)
CVE-2025-51991
CWE-94
High
Next.js Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-57822)
CVE-2025-57822
CWE-918
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-54897)
CVE-2025-54897
CWE-502
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2025-57811)
CVE-2025-57811
CWE-138
High
XWikiplatform Relative Path Traversal Vulnerability (CVE-2025-55748)
CVE-2025-55748
CWE-23
High
Envoy Proxy Insufficient Session Expiration Vulnerability (CVE-2025-55162)
CVE-2025-55162
CWE-613
High
LiteSpeed Web Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-54939)
CVE-2025-54939
CWE-401
High
SharePoint Other Vulnerability (CVE-2025-54906)
CVE-2025-54906
-
High