Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24254 vulnerabilities in 62 categories.

Critical: 1581 High: 13032 Medium: 8704 Low: 868 Information: 69
Vulnerability Name
CVE
CWE
Severity
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5689)
CVE-2018-5689
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)
CVE-2018-5690
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27626)
CVE-2024-27626
CWE-707
Medium
Dotclear Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3783)
CVE-2014-3783
CWE-138
Medium
Dotclear Other Vulnerability (CVE-2005-3957)
CVE-2005-3957
-
Critical
Dotclear Other Vulnerability (CVE-2005-3963)
CVE-2005-3963
-
High
Dotclear Other Vulnerability (CVE-2006-2866)
CVE-2006-2866
-
Medium
Dotclear Other Vulnerability (CVE-2006-3938)
CVE-2006-3938
-
Medium
Dotclear Other Vulnerability (CVE-2007-1989)
CVE-2007-1989
-
Medium
Dotclear Other Vulnerability (CVE-2007-3672)
CVE-2007-3672
-
Medium
Dotclear Other Vulnerability (CVE-2007-3688)
CVE-2007-3688
-
Low
Dotclear Other Vulnerability (CVE-2014-3782)
CVE-2014-3782
-
Medium
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1584)
CVE-2011-1584
CWE-264
Medium
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)
CVE-2011-5083
CWE-264
High
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7903)
CVE-2016-7903
CWE-264
Low
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)
CVE-2016-7902
CWE-434
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
CVE-2016-9268
CWE-434
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53952)
CVE-2023-53952
CWE-434
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-58281)
CVE-2024-58281
CWE-434
High
DotCMS unrestricted file upload (CVE-2022-26352)
CVE-2022-26352
CWE-434
High
Dotenv .env file
-
CWE-538
High
DotNetNuke multiple vulnerabilities
CVE-2012-1030
CWE-79
High
Dragonfly Arbitrary File Read/Write (CVE-2021-33564)
CVE-2021-33564
CWE-20
High
Drupal 7 arbitrary PHP code execution and information disclosure
CVE-2012-4554
CWE-434
High
Drupal 7PK - Security Features Vulnerability (CVE-2016-3163)
CVE-2016-3163
-
High
Drupal 7PK - Security Features Vulnerability (CVE-2016-3168)
CVE-2016-3168
-
Medium
Drupal Backup Migrate directory publicly accessible
-
CWE-538
High
Drupal configuration file weak file permissions
-
CWE-732
Medium
Drupal Configuration Vulnerability (CVE-2008-6171)
CVE-2008-6171
-
Critical
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1)
CVE-2005-0682
CWE-79
High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5)
CVE-2005-3973
CWE-79
High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7)
CVE-2006-1226
CWE-79
High
Drupal Core 4.5.x Mail Header Injection (4.5.0 - 4.5.7)
-
CWE-20
High
Drupal Core 4.5.x Multiple Vulnerabilities (4.5.0 - 4.5.5)
-
CWE-113
High
Drupal Core 4.5.x Security Bypass (4.5.0 - 4.5.7)
-
CWE-264
High
Drupal Core 4.5.x Session Fixation (4.5.0 - 4.5.7)
-
CWE-384
High
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6)
CVE-2006-2743
CWE-95
High
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7)
CVE-2006-2831
CWE-95
High
Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9)
CVE-2006-5476
CWE-352
High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.10)
CVE-2007-0136
CWE-79
High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)
CVE-2005-3973
CWE-79
High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5)
CVE-2006-1226
CWE-79
High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7)
CVE-2006-2833
CWE-79
High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8)
CVE-2006-4002
CWE-79
High
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10)
CVE-2007-0124
CWE-400
High
Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9)
CVE-2006-5477
CWE-20
High
Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)
-
CWE-20
High
Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9)
CVE-2006-5475
CWE-79
High
Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3)
-
CWE-113
High
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3)
CVE-2005-3974
CWE-264
High
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5)
-
CWE-264
High
Drupal Core 4.6.x Session Fixation (4.6.0 - 4.6.5)
-
CWE-384
High
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6)
CVE-2006-2742
CWE-89
High
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5)
CVE-2007-0626
CWE-95
High
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0)
CVE-2006-2743
CWE-95
High
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10)
CVE-2008-0272
CWE-352
High
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.3)
CVE-2006-5476
CWE-352
High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1)
CVE-2006-2833
CWE-79
High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10)
CVE-2008-0274
CWE-79
High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2)
CVE-2006-4002
CWE-79
High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4)
CVE-2007-0136
CWE-79
High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7)
CVE-2007-5596
CWE-79
High
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4)
CVE-2007-0124
CWE-400
High
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3)
CVE-2006-5477
CWE-20
High
Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - 4.7.7)
CVE-2007-5595
CWE-113
High
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.3)
CVE-2006-5475
CWE-79
High
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.6)
CVE-2007-4064
CWE-79
High
Drupal Core 4.7.x Multiple Vulnerabilities (4.7.0 - 4.7.1)
CVE-2006-2832
CWE-95
High
Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7)
CVE-2007-5597
CWE-702
High
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8)
CVE-2007-6299
CWE-89
High
Drupal Core 4.7.x SQL Injection (4.7.0)
CVE-2006-2742
CWE-89
High
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)
CVE-2007-5593
CWE-95
High
Drupal Core 5.x Arbitrary Code Execution (5.0)
CVE-2007-0626
CWE-95
High
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.2)
CVE-2007-5594
CWE-352
High
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.5)
CVE-2008-0272
CWE-352
High