🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2023-7104)
CVE-2023-7104
CWE-119
Critical
MediaWiki Missing Authentication for Critical Function Vulnerability (CVE-2019-12468)
CVE-2019-12468
CWE-306
Critical
Moodle Other Vulnerability (CVE-2005-2247)
CVE-2005-2247
-
Critical
Pega Infinity Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-10094)
CVE-2024-10094
CWE-94
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2016-7126)
CVE-2016-7126
CWE-787
Critical
PHP Improper Encoding or Escaping of Output Vulnerability (CVE-2024-1874)
CVE-2024-1874
CWE-116
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2016-7127)
CVE-2016-7127
CWE-787
Critical
PHP Improper Input Validation Vulnerability (CVE-2016-7129)
CVE-2016-7129
CWE-20
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2024-11236)
CVE-2024-11236
CWE-190
Critical
ProjectSend Incorrect Authorization Vulnerability (CVE-2024-11680)
CVE-2024-11680
CWE-863
Critical
TYPO3 Improper Authentication Vulnerability (CVE-2011-4628)
CVE-2011-4628
CWE-287
Critical
silverstripeCMS CVE-2019-12204 Vulnerability (CVE-2019-12204)
CVE-2019-12204
-
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-26935)
CVE-2020-26935
CWE-138
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7134)
CVE-2016-7134
CWE-119
Critical
WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-1071)
CVE-2024-1071
CWE-138
Critical
MongoDb Improper Certificate Validation Vulnerability (CVE-2024-1351)
CVE-2024-1351
CWE-295
Critical
Serendipity Other Vulnerability (CVE-2005-1452)
CVE-2005-1452
-
Critical
Serendipity Other Vulnerability (CVE-2005-1449)
CVE-2005-1449
-
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39524)
CVE-2023-39524
CWE-138
Critical
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-38888)
CVE-2023-38888
CWE-707
Critical
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0222)
CVE-2003-0222
CWE-119
Critical
Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-7743)
CVE-2019-7743
CWE-502
Critical
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)
CVE-2022-26148
CWE-312
Critical
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
CVE-2022-26137
CWE-180
Critical
Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2022-48565)
CVE-2022-48565
CWE-611
Critical
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
CVE-2022-26137
CWE-180
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)
CVE-2022-4093
CWE-138
Critical
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
CVE-2022-26136
CWE-180
Critical
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
CVE-2022-26136
CWE-180
Critical
Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134)
CVE-2022-26134
-
Critical
Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-12640)
CVE-2020-12640
CWE-22
Critical
Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)
CVE-2022-4492
-
Critical
Jboss EAP CVE-2022-4492 Vulnerability (CVE-2022-4492)
CVE-2022-4492
-
Critical
Roundcube Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2020-12641)
CVE-2020-12641
CWE-707
Critical
Rukovoditel Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-48175)
CVE-2022-48175
CWE-138
Critical
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019)
CVE-2008-4019
CWE-190
Critical
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-25315)
CVE-2022-25315
CWE-190
Critical
Oracle Database Server CVE-2015-4794 Vulnerability (CVE-2015-4794)
CVE-2015-4794
-
Critical
Oracle Database Server CVE-2015-4796 Vulnerability (CVE-2015-4796)
CVE-2015-4796
-
Critical
Nexus Repository Manager CVE-2019-7238 Vulnerability (CVE-2019-7238)
CVE-2019-7238
-
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7139)
CVE-2019-7139
CWE-138
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0307)
CVE-2023-0307
CWE-521
Critical
phpMyFAQ Improper Authentication Vulnerability (CVE-2023-0311)
CVE-2023-0311
CWE-287
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2010-1866)
CVE-2010-1866
CWE-190
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2015-4852)
CVE-2015-4852
CWE-502
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-6798)
CVE-2019-6798
CWE-138
Critical
Drupal Improper Input Validation Vulnerability (CVE-2019-6342)
CVE-2019-6342
CWE-20
Critical
Perl Out-of-bounds Write Vulnerability (CVE-2022-48522)
CVE-2022-48522
CWE-787
Critical
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-48008)
CVE-2022-48008
CWE-434
Critical
Oracle HTTP Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-25236)
CVE-2022-25236
CWE-668
Critical
PHP Other Vulnerability (CVE-2015-4601)
CVE-2015-4601
-
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-11820)
CVE-2020-11820
CWE-138
Critical
Squid Integer Overflow or Wraparound Vulnerability (CVE-2020-11945)
CVE-2020-11945
CWE-190
Critical
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1165)
CVE-2010-1165
CWE-94
Critical
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-27423)
CVE-2022-27423
CWE-138
Critical
Apache HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-11984)
CVE-2020-11984
CWE-120
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-5557)
CVE-2008-5557
CWE-119
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-44945)
CVE-2022-44945
CWE-138
Critical
PHP Other Vulnerability (CVE-2015-4116)
CVE-2015-4116
-
Critical
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-1433)
CVE-2010-1433
CWE-434
Critical
PHP Other Vulnerability (CVE-2015-4599)
CVE-2015-4599
-
Critical
PHP Other Vulnerability (CVE-2015-4600)
CVE-2015-4600
-
Critical
PHP Other Vulnerability (CVE-2015-4602)
CVE-2015-4602
-
Critical
ownCloud Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4718)
CVE-2015-4718
CWE-138
Critical
PHP Other Vulnerability (CVE-2015-4603)
CVE-2015-4603
-
Critical
Joomla Incorrect Authorization Vulnerability (CVE-2010-1435)
CVE-2010-1435
CWE-863
Critical
Python Numeric Errors Vulnerability (CVE-2008-5031)
CVE-2008-5031
-
Critical
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-45152)
CVE-2022-45152
CWE-918
Critical
PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4642)
CVE-2015-4642
CWE-138
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4643)
CVE-2015-4643
CWE-119
Critical
WordPress Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2008-4796)
CVE-2008-4796
CWE-138
Critical
Sqlite Other Vulnerability (CVE-2022-46908)
CVE-2022-46908
-
Critical
Masa CMS Incorrect Authorization Vulnerability (CVE-2022-47002)
CVE-2022-47002
CWE-863
Critical
Dot CMS Other Vulnerability (CVE-2022-26352)
CVE-2022-26352
-
Critical
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-4769)
CVE-2008-4769
CWE-22
Critical
«
1
...
6
7
8
...
313
»