🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71)
-
CWE-89
High
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3)
CVE-2005-2612
CWE-94
High
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27524)
CVE-2024-27524
CWE-707
High
WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1)
CVE-2005-1810
CWE-89
High
WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2)
CVE-2005-2110
CWE-702
High
Envoy Proxy Detection of Error Condition Without Action Vulnerability (CVE-2024-27919)
CVE-2024-27919
CWE-390
High
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-28105)
CVE-2024-28105
CWE-434
High
WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2)
CVE-2004-1584
CWE-113
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-28107)
CVE-2024-28107
CWE-138
High
WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1)
-
CWE-79
High
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2)
-
CWE-89
High
WordPress 0.7 Posts SQL Injection Vulnerability (0.7)
CVE-2003-1598
CWE-89
High
WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5)
-
CWE-79
High
MongoDb Out-of-bounds Write Vulnerability (CVE-2026-9753)
CVE-2026-9753
CWE-787
High
GeoServer Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-29198)
CVE-2024-29198
CWE-918
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-29477)
CVE-2024-29477
CWE-94
High
MongoDb Uncontrolled Recursion Vulnerability (CVE-2026-9740)
CVE-2026-9740
CWE-674
High
IBMHttpServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-9170)
CVE-2026-9170
CWE-94
High
OpenSSL Out-of-bounds Read Vulnerability (CVE-2026-9076)
CVE-2026-9076
CWE-125
High
PHP CVE-2024-2757 Vulnerability (CVE-2024-2757)
CVE-2024-2757
-
High
SharePoint CVE-2024-30043 Vulnerability (CVE-2024-30043)
CVE-2024-30043
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-30044)
CVE-2024-30044
CWE-502
High
SharePoint CVE-2024-30100 Vulnerability (CVE-2024-30100)
CVE-2024-30100
-
High
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-27316)
CVE-2024-27316
CWE-770
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-27299)
CVE-2024-27299
CWE-138
High
WordPress 2.1.1 Cross-Site Scripting Vulnerability (2.1.1)
CVE-2007-1244
CWE-79
High
WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4)
CVE-2006-6017
CWE-400
High
WordPress 2.1.1 Command Execution Backdoor Vulnerability (2.1.1)
CVE-2007-1277
CWE-94
High
WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6)
CVE-2007-0233
CWE-89
High
WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5)
CVE-2007-0107
CWE-89
High
WordPress User-Agent SQL Injection Vulnerability (1.5.2)
CVE-2006-1012
CWE-89
High
WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5)
CVE-2006-3389
CWE-89
High
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
CVE-2006-1796
CWE-79
High
WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5)
-
CWE-79
High
WordPress Comment Post Cross-Site Scripting Vulnerability (2.0)
CVE-2006-0733
CWE-79
High
WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
CVE-2007-0106
CWE-79
High
WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
CVE-2006-6808
CWE-79
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
CVE-2024-26271
CWE-352
High
Joomla Other Vulnerability (CVE-2024-27187)
CVE-2024-27187
-
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
CVE-2024-26271
CWE-352
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
CVE-2024-26272
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
CVE-2024-26272
CWE-352
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)
CVE-2024-26273
CWE-352
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)
CVE-2024-26273
CWE-352
High
WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3)
CVE-2006-4028
CWE-264
High
WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
CVE-2006-2702
CWE-94
High
WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1)
-
CWE-400
High
WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5)
CVE-2005-1687
CWE-89
High
WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5)
-
CWE-79
High
WordPress 2.1.2 Multiple Vulnerabilities (2.1 - 2.1.2)
CVE-2007-1897
CWE-264
High
WordPress 2.2 Multiple Vulnerabilities (2.2)
CVE-2007-3543
CWE-434
High
Contao Insufficient Session Expiration Vulnerability (CVE-2024-30262)
CVE-2024-30262
CWE-613
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21690)
CVE-2024-21690
CWE-707
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.11)
CVE-2016-5839
CWE-400
High
XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648)
CVE-2024-21648
CWE-274
High
WordPress 4.1.x Cross-Site Scripting Vulnerability (4.1 - 4.1.8)
CVE-2016-1564
CWE-79
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672)
CVE-2024-21672
CWE-94
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21673)
CVE-2024-21673
CWE-94
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21674)
CVE-2024-21674
CWE-94
High
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21677)
CVE-2024-21677
CWE-22
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21678)
CVE-2024-21678
CWE-707
High
Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683)
CVE-2024-21683
-
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21686)
CVE-2024-21686
CWE-707
High
WordPress 4.0.x Same Origin Method Execution (SOME) Vulnerability (4.0 - 4.0.10)
CVE-2016-4566
CWE-79
High
Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)
CVE-2024-21622
-
High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.11)
CVE-2016-5839
CWE-400
High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.9)
CVE-2016-2222
CWE-918
High
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.12)
CVE-2016-7169
CWE-79
High
WordPress 4.0.x Cross-Site Scripting Vulnerability (4.0 - 4.0.8)
CVE-2016-1564
CWE-79
High
WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)
CVE-2016-4566
CWE-79
High
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.12)
CVE-2016-5839
CWE-400
High
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.10)
CVE-2016-2222
CWE-918
High
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.13)
CVE-2016-7169
CWE-79
High
WordPress 3.9.x Cross-Site Scripting Vulnerability (3.9 - 3.9.9)
CVE-2016-1564
CWE-79
High
WordPress 3.8.x Same Origin Method Execution (SOME) Vulnerability (3.8 - 3.8.13)
CVE-2016-4566
CWE-79
High
«
1
...
72
73
74
...
313
»