Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
Drupal Resource Management Errors Vulnerability (CVE-2014-5265)
CVE-2014-5265
-
Medium
Drupal Resource Management Errors Vulnerability (CVE-2014-5266)
CVE-2014-5266
-
Medium
Drupal REST Remote Code Execution
CVE-2019-6340
CWE-78
High
Drupal Session Fixation Vulnerability (CVE-2008-3222)
CVE-2008-3222
CWE-384
Medium
Drupal trusted_host_patterns setting not configured
-
-
Medium
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-6931)
CVE-2017-6931
CWE-434
Medium
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671)
CVE-2020-13671
CWE-434
High
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13675)
CVE-2020-13675
CWE-434
Critical
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)
CVE-2022-25277
CWE-434
High
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
CVE-2010-2471
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)
CVE-2015-2749
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
CVE-2015-2750
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
CVE-2015-7943
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451)
CVE-2016-9451
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)
CVE-2017-6932
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
CVE-2020-13662
CWE-601
Medium
Drupal Use of Web Browser Cache Containing Sensitive Information Vulnerability (CVE-2025-13083)
CVE-2025-13083
CWE-525
Low
Drupal User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2025-13082)
CVE-2025-13082
CWE-451
Medium
Drupal Views module information disclosure vulnerability
-
CWE-200
Medium
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
CVE-2014-5325
CWE-200
Medium
DWR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5326)
CVE-2014-5326
CWE-707
Medium
e107 Credentials Management Errors Vulnerability (CVE-2013-7305)
CVE-2013-7305
-
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084)
CVE-2010-5084
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
CVE-2011-4947
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433)
CVE-2012-6433
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)
CVE-2012-6434
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
CVE-2017-8098
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)
CVE-2018-11127
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
CVE-2018-15901
CWE-352
High
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
CVE-2018-17081
CWE-352
Medium
e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753)
CVE-2016-10753
CWE-502
High
e107 Deserialization of Untrusted Data Vulnerability (CVE-2025-61505)
CVE-2025-61505
CWE-502
Medium
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
CVE-2011-3731
CWE-200
Medium
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
CVE-2008-1989
CWE-94
Critical
e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-50939)
CVE-2022-50939
CWE-22
High
e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-11941)
CVE-2025-11941
CWE-22
High
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0857)
CVE-2006-0857
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6208)
CVE-2008-6208
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)
CVE-2009-3444
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)
CVE-2009-4083
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0997)
CVE-2010-0997
CWE-707
Low
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757)
CVE-2010-4757
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0457)
CVE-2011-0457
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)
CVE-2011-4920
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843)
CVE-2012-3843
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750)
CVE-2013-2750
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1041)
CVE-2015-1041
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1057)
CVE-2015-1057
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-11734)
CVE-2018-11734
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381)
CVE-2018-16381
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423)
CVE-2018-17423
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-50905)
CVE-2022-50905
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-50906)
CVE-2022-50906
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36121)
CVE-2023-36121
CWE-707
Medium
e107 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2011-1513)
CVE-2011-1513
CWE-138
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-2416)
CVE-2006-2416
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5320)
CVE-2008-5320
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1409)
CVE-2009-1409
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084)
CVE-2009-4084
CWE-138
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921)
CVE-2011-4921
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4946)
CVE-2011-4946
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378)
CVE-2016-10378
CWE-138
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389)
CVE-2018-16389
CWE-138
Medium
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)
CVE-2021-27885
CWE-326
High
e107 Other Vulnerability (CVE-2003-1191)
CVE-2003-1191
-
Medium
e107 Other Vulnerability (CVE-2004-2028)
CVE-2004-2028
-
Medium
e107 Other Vulnerability (CVE-2004-2031)
CVE-2004-2031
-
Medium
e107 Other Vulnerability (CVE-2004-2039)
CVE-2004-2039
-
Medium
e107 Other Vulnerability (CVE-2004-2040)
CVE-2004-2040
-
Medium
e107 Other Vulnerability (CVE-2004-2042)
CVE-2004-2042
-
High
e107 Other Vulnerability (CVE-2004-2262)
CVE-2004-2262
-
Medium
e107 Other Vulnerability (CVE-2005-1949)
CVE-2005-1949
-
High
e107 Other Vulnerability (CVE-2005-1966)
CVE-2005-1966
-
High
e107 Other Vulnerability (CVE-2005-2327)
CVE-2005-2327
-
Medium
e107 Other Vulnerability (CVE-2005-2559)
CVE-2005-2559
-
High