Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
Liferay Portal Unchecked Input for Loop Condition Vulnerability (CVE-2025-43801)
CVE-2025-43801
CWE-606
High
Liferay DXP Unchecked Input for Loop Condition Vulnerability (CVE-2025-43801)
CVE-2025-43801
CWE-606
High
Liferay Portal Uncontrolled Resource Consumption Vulnerability (CVE-2025-62260)
CVE-2025-62260
CWE-400
High
Liferay DXP Uncontrolled Resource Consumption Vulnerability (CVE-2025-62260)
CVE-2025-62260
CWE-400
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43813)
CVE-2025-43813
CWE-22
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-65114)
CVE-2025-65114
-
High
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-66473)
CVE-2025-66473
CWE-770
High
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3625)
CVE-2025-3625
CWE-639
High
LimeSurvey Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-41074)
CVE-2025-41074
CWE-835
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2025-69421)
CVE-2025-69421
CWE-476
High
OpenSSL Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2025-69420)
CVE-2025-69420
CWE-754
High
OpenSSL Out-of-bounds Write Vulnerability (CVE-2025-69419)
CVE-2025-69419
CWE-787
High
phpMyFAQ Exposure of Sensitive Information Through Data Queries Vulnerability (CVE-2025-69200)
CVE-2025-69200
CWE-202
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-3638)
CVE-2025-3638
CWE-352
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3641)
CVE-2025-3641
CWE-94
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642)
CVE-2025-3642
CWE-94
High
Roundcube Improper Encoding or Escaping of Output Vulnerability (CVE-2025-68460)
CVE-2025-68460
CWE-116
High
Craft CMS Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2025-68455)
CVE-2025-68455
CWE-470
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2025-68454)
CVE-2025-68454
CWE-138
High
LimeSurvey Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-41075)
CVE-2025-41075
CWE-835
High
Liferay DXP Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768)
CVE-2025-43768
CWE-201
High
Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-67853)
CVE-2025-67853
CWE-307
High
Moodle Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2025-67851)
CVE-2025-67851
CWE-1236
High
Moodle Improper Handling of Insufficient Permissions or Privileges Vulnerability (CVE-2025-67848)
CVE-2025-67848
CWE-280
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-67847)
CVE-2025-67847
CWE-94
High
Next.js Deserialization of Untrusted Data Vulnerability (CVE-2025-67779)
CVE-2025-67779
CWE-502
High
React Deserialization of Untrusted Data Vulnerability (CVE-2025-67779)
CVE-2025-67779
CWE-502
High
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2025-67726)
CVE-2025-67726
CWE-400
High
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2025-67725)
CVE-2025-67725
CWE-400
High
Jenkins Improper Resource Shutdown or Release Vulnerability (CVE-2025-67635)
CVE-2025-67635
CWE-404
High
Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768)
CVE-2025-43768
CWE-201
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
CVE-2024-39338
CWE-918
High
Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-38875)
CVE-2024-38875
CWE-130
High
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.25)
CVE-2018-20153
CWE-915
High
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
CVE-2024-21490
CWE-1333
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.9)
CVE-2016-7169
CWE-79
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.6)
CVE-2016-2222
CWE-918
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.8)
CVE-2016-5839
CWE-400
High
WebLogic CVE-2024-21260 Vulnerability (CVE-2024-21260)
CVE-2024-21260
-
High
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.5)
CVE-2016-1564
CWE-79
High
MySQL CVE-2024-21272 Vulnerability (CVE-2024-21272)
CVE-2024-21272
-
High
WebLogic CVE-2024-21274 Vulnerability (CVE-2024-21274)
CVE-2024-21274
-
High
SharePoint CVE-2024-21318 Vulnerability (CVE-2024-21318)
CVE-2024-21318
-
High
SharePoint CVE-2024-21426 Vulnerability (CVE-2024-21426)
CVE-2024-21426
-
High
Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
CVE-2024-21490
CWE-1333
High
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.1)
CVE-2016-1564
CWE-79
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-21514)
CVE-2024-21514
CWE-138
High
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.7)
CVE-2016-4567
CWE-79
High
WordPress 4.1.x Same Origin Method Execution (SOME) Vulnerability (4.1 - 4.1.10)
CVE-2016-4566
CWE-79
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.12)
CVE-2016-7169
CWE-79
High
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518)
CVE-2024-21518
CWE-22
High
Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519)
CVE-2024-21519
-
High
Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)
CVE-2024-21622
-
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.9)
CVE-2016-2222
CWE-918
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.11)
CVE-2016-5839
CWE-400
High
XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648)
CVE-2024-21648
CWE-274
High
WordPress 4.2.x Same Origin Method Execution (SOME) Vulnerability (4.2 - 4.2.7)
CVE-2016-4566
CWE-79
High
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.3)
CVE-2016-4567
CWE-79
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672)
CVE-2024-21672
CWE-94
High
WordPress 4.5.x Cross-Site Scripting Vulnerability (4.5 - 4.5.1)
CVE-2016-4567
CWE-79
High
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.21)
CVE-2017-14726
CWE-601
High
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.17)
CVE-2017-5612
CWE-264
High
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.16)
CVE-2017-5493
CWE-352
High
WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13)
CVE-2016-4566
CWE-79
High
WordPress Multiple Vulnerabilities (0.70 - 3.6.1)
CVE-2016-5839
CWE-400
High
WordPress Cross-Site Scripting Vulnerability (0.70 - 3.7.11)
CVE-2016-1564
CWE-79
High
WordPress 4.6 Multiple Vulnerabilities (4.6)
CVE-2016-7169
CWE-79
High
WordPress 4.5.x Same Origin Method Execution (SOME) Vulnerability (4.5 - 4.5.1)
CVE-2016-4566
CWE-79
High
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.3)
CVE-2016-7169
CWE-79
High
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.2)
CVE-2016-5839
CWE-400
High
WordPress 4.5.3 Directory Traversal Vulnerability (4.5.3)
CVE-2016-10148
CWE-22
High
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.5)
CVE-2016-7169
CWE-79
High
WordPress 4.4.x Same Origin Method Execution (SOME) Vulnerability (4.4 - 4.4.2)
CVE-2016-4566
CWE-79
High
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.1)
CVE-2016-2222
CWE-918
High
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.4)
CVE-2016-7169
CWE-79
High