🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-4716)
CVE-2015-4716
CWE-22
Critical
Oracle Database Server CVE-2015-4863 Vulnerability (CVE-2015-4863)
CVE-2015-4863
-
Critical
Drupal Improper Input Validation Vulnerability (CVE-2019-6339)
CVE-2019-6339
CWE-20
Critical
Rukovoditel Improper Input Validation Vulnerability (CVE-2020-11819)
CVE-2020-11819
CWE-20
Critical
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
CVE-2008-2392
CWE-20
Critical
Ruby Integer Overflow or Wraparound Vulnerability (CVE-2008-2663)
CVE-2008-2663
CWE-190
Critical
Ruby Numeric Errors Vulnerability (CVE-2008-2662)
CVE-2008-2662
-
Critical
SharePoint CVE-2023-21716 Vulnerability (CVE-2023-21716)
CVE-2023-21716
-
Critical
Oracle HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-3822)
CVE-2019-3822
CWE-119
Critical
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3809)
CVE-2019-3809
CWE-918
Critical
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2730)
CVE-2010-2730
CWE-119
Critical
PHP Improper Input Validation Vulnerability (CVE-2015-5589)
CVE-2015-5589
CWE-20
Critical
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3396)
CVE-2019-3396
CWE-22
Critical
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3395)
CVE-2019-3395
CWE-918
Critical
LimeSurvey CVE-2008-2570 Vulnerability (CVE-2008-2570)
CVE-2008-2570
-
Critical
Oracle Database Server CVE-2014-6567 Vulnerability (CVE-2014-6567)
CVE-2014-6567
-
Critical
Oracle Database Server CVE-2014-6560 Vulnerability (CVE-2014-6560)
CVE-2014-6560
-
Critical
Joomla Improper Authentication Vulnerability (CVE-2022-23795)
CVE-2022-23795
CWE-287
Critical
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-23457)
CVE-2022-23457
CWE-22
Critical
WebLogic Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23305)
CVE-2022-23305
CWE-138
Critical
PHP Insufficient Entropy Vulnerability (CVE-2008-2108)
CVE-2008-2108
CWE-331
Critical
Oracle Database Server CVE-2014-6546 Vulnerability (CVE-2014-6546)
CVE-2014-6546
-
Critical
WebLogic Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-22965)
CVE-2022-22965
CWE-94
Critical
PHP CVE-2008-2051 Vulnerability (CVE-2008-2051)
CVE-2008-2051
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-2050)
CVE-2008-2050
CWE-119
Critical
Spring Cloud Gateway Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-22947)
CVE-2022-22947
CWE-138
Critical
Oracle Database Server CVE-2014-6545 Vulnerability (CVE-2014-6545)
CVE-2014-6545
-
Critical
Sqlite CVE-2015-5895 Vulnerability (CVE-2015-5895)
CVE-2015-5895
-
Critical
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
CVE-2008-1989
CWE-94
Critical
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
CVE-2022-22721
CWE-190
Critical
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13675)
CVE-2020-13675
CWE-434
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23797)
CVE-2022-23797
CWE-138
Critical
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235)
CVE-2022-25235
CWE-116
Critical
Apache Traffic Server CVE-2015-5168 Vulnerability (CVE-2015-5168)
CVE-2015-5168
-
Critical
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5720)
CVE-2019-5720
CWE-138
Critical
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5715)
CVE-2019-5715
CWE-138
Critical
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0788)
CVE-2023-0788
CWE-94
Critical
phpMyFAQ Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2023-0789)
CVE-2023-0789
CWE-138
Critical
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-5482)
CVE-2019-5482
CWE-787
Critical
EspoCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7985)
CVE-2014-7985
CWE-22
Critical
Ruby on Rails Improper Input Validation Vulnerability (CVE-2019-5420)
CVE-2019-5420
CWE-20
Critical
IBMHttpServer Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4947)
CVE-2015-4947
CWE-119
Critical
WebLogic Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3257)
CVE-2008-3257
CWE-119
Critical
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
CVE-2008-3232
CWE-94
Critical
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3225)
CVE-2008-3225
CWE-264
Critical
phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)
CVE-2008-3224
-
Critical
Apache Traffic Server CVE-2015-5206 Vulnerability (CVE-2015-5206)
CVE-2015-5206
-
Critical
phpMyFAQ Authentication Bypass by Capture-replay Vulnerability (CVE-2023-1886)
CVE-2023-1886
CWE-294
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-1753)
CVE-2023-1753
CWE-521
Critical
Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)
CVE-2008-3167
CWE-94
Critical
Magento Improper Input Validation Vulnerability (CVE-2022-24086)
CVE-2022-24086
CWE-20
Critical
Pega Infinity Other Vulnerability (CVE-2022-24083)
CVE-2022-24083
-
Critical
Pega Infinity Deserialization of Untrusted Data Vulnerability (CVE-2022-24082)
CVE-2022-24082
CWE-502
Critical
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
CVE-2022-23943
CWE-787
Critical
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
CVE-2022-23943
CWE-787
Critical
SharePoint Resource Management Errors Vulnerability (CVE-2008-3006)
CVE-2008-3006
-
Critical
Drupal CVE-2020-13665 Vulnerability (CVE-2020-13665)
CVE-2020-13665
-
Critical
Joomla CVE-2022-23799 Vulnerability (CVE-2022-23799)
CVE-2022-23799
-
Critical
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-3888)
CVE-2019-3888
CWE-532
Critical
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3873)
CVE-2019-3873
CWE-707
Critical
PrestaShop CVE-2008-5791 Vulnerability (CVE-2008-5791)
CVE-2008-5791
-
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43168)
CVE-2022-43168
CWE-138
Critical
Oracle HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-22720)
CVE-2022-22720
CWE-444
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-31181)
CVE-2022-31181
CWE-138
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Oracle Database Server CVE-2009-1985 Vulnerability (CVE-2009-1985)
CVE-2009-1985
-
Critical
Oracle Database Server CVE-2009-1979 Vulnerability (CVE-2009-1979)
CVE-2009-1979
-
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2022-31627)
CVE-2022-31627
CWE-787
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9025)
CVE-2019-9025
CWE-119
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10243)
CVE-2020-10243
CWE-138
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-9023)
CVE-2019-9023
CWE-125
Critical
Skipper Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-38580)
CVE-2022-38580
CWE-918
Critical
Beego Framework CVE-2022-31259 Vulnerability (CVE-2022-31259)
CVE-2022-31259
-
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-9021)
CVE-2019-9021
CWE-125
Critical
PHP Use After Free Vulnerability (CVE-2019-9020)
CVE-2019-9020
CWE-416
Critical
«
1
...
7
8
9
...
313
»