🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23101 vulnerabilities
in this category.
Critical: 1474
High: 12458
Medium: 8395
Low: 770
Information: 4
Vulnerability Name
CVE
CWE
Severity
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.18)
CVE-2017-14726
CWE-601
High
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.10)
CVE-2017-9066
CWE-918
High
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.8)
CVE-2017-6819
CWE-601
High
WordPress 4.2.x Possible SQL Injection Vulnerability (4.2 - 4.2.16)
CVE-2017-16510
CWE-89
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)
CVE-2017-6819
CWE-601
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.10)
CVE-2017-5493
CWE-352
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.14)
CVE-2017-9066
CWE-918
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.15)
CVE-2017-14726
CWE-601
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.11)
CVE-2017-5612
CWE-264
High
WordPress 4.1.x Possible SQL Injection Vulnerability (4.1 - 4.1.19)
CVE-2017-16510
CWE-89
High
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.17)
CVE-2017-9066
CWE-918
High
WordPress 3.7.4 Multiple Vulnerabilities (3.7 - 3.7.4)
CVE-2014-9039
CWE-918
High
WordPress 3.7.1 Multiple Vulnerabilities (3.7 - 3.7.1)
CVE-2014-0166
CWE-287
High
GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-38524)
CVE-2024-38524
CWE-200
High
Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35545)
CVE-2026-35545
CWE-669
High
Serendipity Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2026-39971)
CVE-2026-39971
CWE-707
High
Chamilo CVE-2024-30619 Vulnerability (CVE-2024-30619)
CVE-2024-30619
-
High
WordPress Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-31210)
CVE-2024-31210
CWE-434
High
Apache Traffic Server CVE-2024-31309 Vulnerability (CVE-2024-31309)
CVE-2024-31309
-
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465)
CVE-2024-31465
CWE-94
High
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31503)
CVE-2024-31503
CWE-352
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981)
CVE-2024-31981
CWE-862
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983)
CVE-2024-31983
CWE-862
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984)
CVE-2024-31984
CWE-94
High
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986)
CVE-2024-31986
CWE-352
High
Contao Insufficient Session Expiration Vulnerability (CVE-2024-30262)
CVE-2024-30262
CWE-613
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987)
CVE-2024-31987
CWE-862
High
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988)
CVE-2024-31988
CWE-352
High
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997)
CVE-2024-31997
CWE-862
High
WeBid Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-32166)
CVE-2024-32166
CWE-639
High
Envoy Proxy Reachable Assertion Vulnerability (CVE-2024-32475)
CVE-2024-32475
CWE-617
High
Masa CMS Origin Validation Error Vulnerability (CVE-2024-32642)
CVE-2024-32642
CWE-346
High
Masa CMS Incorrect Authorization Vulnerability (CVE-2024-32643)
CVE-2024-32643
CWE-863
High
Envoy Proxy Use After Free Vulnerability (CVE-2024-32974)
CVE-2024-32974
CWE-416
High
Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)
CVE-2024-32975
CWE-191
High
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)
CVE-2024-32976
CWE-835
High
Chamilo Incorrect Authorization Vulnerability (CVE-2024-30616)
CVE-2024-30616
CWE-863
High
Envoy Proxy Detection of Error Condition Without Action Vulnerability (CVE-2024-30255)
CVE-2024-30255
CWE-390
High
CubeCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-33438)
CVE-2024-33438
CWE-434
High
MongoDb Use After Free Vulnerability (CVE-2026-4148)
CVE-2026-4148
CWE-416
High
Envoy Proxy Detection of Error Condition Without Action Vulnerability (CVE-2024-27919)
CVE-2024-27919
CWE-390
High
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-28105)
CVE-2024-28105
CWE-434
High
WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2)
CVE-2004-1584
CWE-113
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-28107)
CVE-2024-28107
CWE-138
High
WordPress Multiple Cross-Site Scripting Vulnerabilities (1.2 - 1.2.1)
-
CWE-79
High
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2)
-
CWE-89
High
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71)
-
CWE-89
High
WordPress 0.7 Posts SQL Injection Vulnerability (0.7)
CVE-2003-1598
CWE-89
High
Jetty Sensitive Information in Resource Not Removed Before Reuse Vulnerability (CVE-2026-5795)
CVE-2026-5795
CWE-226
High
MongoDb Double Free Vulnerability (CVE-2026-4358)
CVE-2026-4358
CWE-415
High
Chamilo Improper Privilege Management Vulnerability (CVE-2026-40291)
CVE-2026-40291
CWE-269
High
SharePoint CVE-2024-30100 Vulnerability (CVE-2024-30100)
CVE-2024-30100
-
High
GeoServer Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-29198)
CVE-2024-29198
CWE-918
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-29477)
CVE-2024-29477
CWE-94
High
XWikiplatform Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-40104)
CVE-2026-40104
CWE-770
High
Django Authentication Bypass by Spoofing Vulnerability (CVE-2026-3902)
CVE-2026-3902
CWE-290
High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-3260)
CVE-2026-3260
CWE-770
High
Jboss EAP Incorrect Privilege Assignment Vulnerability (CVE-2026-3121)
CVE-2026-3121
CWE-266
High
PHP CVE-2024-2757 Vulnerability (CVE-2024-2757)
CVE-2024-2757
-
High
Jboss EAP Incorrect Authorization Vulnerability (CVE-2026-3009)
CVE-2026-3009
CWE-863
High
SharePoint CVE-2024-30043 Vulnerability (CVE-2024-30043)
CVE-2024-30043
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-30044)
CVE-2024-30044
CWE-502
High
SharePoint CVE-2024-32987 Vulnerability (CVE-2024-32987)
CVE-2024-32987
-
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34001)
CVE-2024-34001
CWE-352
High
WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1)
CVE-2005-1810
CWE-89
High
SharePoint CVE-2024-38227 Vulnerability (CVE-2024-38227)
CVE-2024-38227
-
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37821)
CVE-2024-37821
CWE-94
High
Chamilo Use of Insufficiently Random Values Vulnerability (CVE-2026-33710)
CVE-2026-33710
CWE-330
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899)
CVE-2024-37899
CWE-94
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901)
CVE-2024-37901
CWE-94
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
SharePoint CVE-2024-38018 Vulnerability (CVE-2024-38018)
CVE-2024-38018
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38023)
CVE-2024-38023
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38024)
CVE-2024-38024
CWE-502
High
«
1
...
73
74
75
...
309
»
