Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38094)
CVE-2024-38094
CWE-502
High
SharePoint CVE-2024-38228 Vulnerability (CVE-2024-38228)
CVE-2024-38228
-
High
Apache Traffic Server CVE-2024-35296 Vulnerability (CVE-2024-35296)
CVE-2024-35296
-
High
Chamilo Improper Privilege Management Vulnerability (CVE-2026-33706)
CVE-2026-33706
CWE-269
High
Moodle Incomplete Cleanup Vulnerability (CVE-2024-38275)
CVE-2024-38275
CWE-459
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-38276)
CVE-2024-38276
CWE-352
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2026-33704)
CVE-2026-33704
CWE-434
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)
CVE-2024-38286
CWE-770
High
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-33702)
CVE-2026-33702
CWE-639
High
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-38472)
CVE-2024-38472
CWE-918
High
Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38473)
CVE-2024-38473
CWE-116
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
CVE-2024-38477
CWE-476
High
Apache Traffic Server CVE-2024-38479 Vulnerability (CVE-2024-38479)
CVE-2024-38479
-
High
Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36694)
CVE-2024-36694
CWE-94
High
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33938)
CVE-2026-33938
CWE-94
High
Roundcube Deserialization of Untrusted Data Vulnerability (CVE-2026-35537)
CVE-2026-35537
CWE-502
High
Envoy Proxy Other Vulnerability (CVE-2024-34363)
CVE-2024-34363
-
High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-35196)
CVE-2026-35196
CWE-138
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34007)
CVE-2024-34007
CWE-352
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34008)
CVE-2024-34008
CWE-352
High
Moodle CVE-2024-34009 Vulnerability (CVE-2024-34009)
CVE-2024-34009
-
High
Werkzeug WSGI Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34069)
CVE-2024-34069
CWE-352
High
Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-34350)
CVE-2024-34350
-
High
Next.js Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-34351)
CVE-2024-34351
CWE-918
High
phpMyFAQ Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-34728)
CVE-2026-34728
CWE-22
High
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-34602)
CVE-2026-34602
CWE-639
High
Apache Tomcat Insertion of Sensitive Information into Log File Vulnerability (CVE-2026-34487)
CVE-2026-34487
CWE-532
High
Apache Tomcat Missing Encryption of Sensitive Data Vulnerability (CVE-2026-34486)
CVE-2026-34486
CWE-311
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-35161)
CVE-2024-35161
-
High
Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2026-34483)
CVE-2026-34483
CWE-116
High
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34469)
CVE-2024-34469
CWE-707
High
MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-34506)
CVE-2024-34506
CWE-400
High
MediaWiki Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-34507)
CVE-2024-34507
CWE-707
High
Chamilo Missing Authentication for Critical Function Vulnerability (CVE-2026-34160)
CVE-2026-34160
CWE-306
High
GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-34711)
CVE-2024-34711
CWE-200
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2024-34750)
CVE-2024-34750
CWE-400
High
Handlebars Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-33941)
CVE-2026-33941
CWE-707
High
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33940)
CVE-2026-33940
CWE-94
High
Handlebars Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-33939)
CVE-2026-33939
CWE-754
High
WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2)
CVE-2005-2110
CWE-702
High
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27524)
CVE-2024-27524
CWE-707
High
WordPress 3.6 Multiple Vulnerabilities (2.0 - 3.6)
CVE-2013-5739
CWE-264
High
WordPress 'xmlrpc.php' Remote Security Bypass Vulnerability (3.0.1 - 3.0.2)
CVE-2010-5106
CWE-264
High
WordPress 'press-this.php' Remote Security Bypass Vulnerability (0.7 - 3.1.1)
CVE-2011-5270
CWE-264
High
WordPress 'comment_post_ID' Parameter SQL Injection Vulnerability (3.0.4)
-
CWE-89
High
WordPress Clickjacking Vulnerability (0.7 - 3.1.2)
CVE-2011-3127
CWE-693
High
WordPress 3.1.3 Multiple SQL Injection Vulnerabilities (3.1 - 3.1.3)
-
CWE-89
High
Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)
CVE-2024-25148
-
High
Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)
CVE-2024-25148
-
High
WordPress 3.1.2 Multiple Vulnerabilities (3.0.1 - 3.1.2)
CVE-2011-3130
CWE-693
High
WordPress 3.1 Multiple Vulnerabilities (0.7 - 3.1)
CVE-2011-4957
CWE-400
High
WordPress 3.0.4 Multiple Vulnerabilities (0.6.2 - 3.0.4)
CVE-2011-0701
CWE-200
High
WordPress 3.0.3 KSES Library Cross-Site Scripting Vulnerability (0.6.2 - 3.0.3)
CVE-2010-4536
CWE-79
High
WordPress Anti-CSRF Token Security Bypass Weakness (3.3.1)
CVE-2012-1936
CWE-352
High
WordPress 2.9.1 Trashed Posts Security Bypass Vulnerability (2.9 - 2.9.1)
CVE-2010-0682
CWE-264
High
WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8)
CVE-2009-2334
CWE-287
High
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6)
CVE-2009-1030
CWE-79
High
WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)
CVE-2009-3622
-
High
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)
CVE-2009-2762
CWE-255
High
WordPress 2.8.2 Multiple Security Bypass Vulnerabilities (2.0 - 2.8.2)
CVE-2009-2854
CWE-264
High
WordPress 2.8.1 Comment Author URI Cross-Site Scripting Vulnerability (0.6.2 - 2.8.1)
CVE-2009-2851
CWE-79
High
WordPress 2.8 Multiple Existing/Non-Existing Username Enumeration Weaknesses (0.6.2 - 2.8)
CVE-2009-2336
CWE-16
High
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1)
CVE-2008-4107
CWE-20
High
WordPress 'wp-admin/options.php' Remote Code Execution Vulnerability (0.6.2 - 2.3.2)
CVE-2008-5695
CWE-20
High
WordPress 3.3 Cross-Site Scripting Vulnerability (3.3)
CVE-2012-0287
CWE-79
High
WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1)
CVE-2012-3414
CWE-79
High
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0.11 - 2.3)
CVE-2008-0193
CWE-79
High
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-24749)
CVE-2024-24749
CWE-22
High
Plone CMS CVE-2024-23756 Vulnerability (CVE-2024-23756)
CVE-2024-23756
-
High
WordPress 3.5.1 Multiple Vulnerabilities (2.0 - 3.5.1)
CVE-2013-2205
CWE-918
High
WordPress 3.4.1 Multiple Vulnerabilities (2.0 - 3.4.1)
CVE-2012-4422
CWE-264
High
WordPress 3.4 Multiple Vulnerabilities (3.4)
CVE-2012-3385
CWE-352
High
WordPress 3.3.2 Multiple Vulnerabilities (3.3 - 3.3.2)
CVE-2012-6635
CWE-352
High
Jenkins Origin Validation Error Vulnerability (CVE-2024-23898)
CVE-2024-23898
CWE-346
High
Apache Tomcat CVE-2024-24549 Vulnerability (CVE-2024-24549)
CVE-2024-24549
-
High