Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Web Application Vulnerabilities
This page lists
23441 vulnerabilities
in
68 categories
.
Critical: 1499
High: 12791
Medium: 8230
Low: 857
Information: 64
Vulnerability Name
CVE
CWE
Severity
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1591)
CVE-2012-1591
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2153)
CVE-2012-2153
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
CVE-2012-4553
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)
CVE-2012-4554
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)
CVE-2012-5651
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0245)
CVE-2013-0245
CWE-264
Low
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0246)
CVE-2013-0246
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-1476)
CVE-2014-1476
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5020)
CVE-2014-5020
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5267)
CVE-2014-5267
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9015)
CVE-2014-9015
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169)
CVE-2016-3169
CWE-264
High
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)
CVE-2016-6211
CWE-264
High
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7570)
CVE-2016-7570
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)
CVE-2016-7572
CWE-264
Medium
Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248)
CVE-2022-29248
CWE-565
High
Drupal Remote Code Execution (SA-CORE-2018-002)
CVE-2018-7600
CWE-94
High
Drupal Remote Code Execution (SA-CORE-2018-004)
CVE-2018-7602
CWE-94
High
Drupal Resource Management Errors Vulnerability (CVE-2012-1588)
CVE-2012-1588
-
Low
Drupal Resource Management Errors Vulnerability (CVE-2013-0316)
CVE-2013-0316
-
Medium
Drupal Resource Management Errors Vulnerability (CVE-2014-5265)
CVE-2014-5265
-
Medium
Drupal Resource Management Errors Vulnerability (CVE-2014-5266)
CVE-2014-5266
-
Medium
Drupal REST Remote Code Execution
CVE-2019-6340
CWE-78
High
Drupal Session Fixation Vulnerability (CVE-2008-3222)
CVE-2008-3222
CWE-384
Medium
Drupal trusted_host_patterns setting not configured
-
CWE-16
Medium
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-6931)
CVE-2017-6931
CWE-434
Medium
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671)
CVE-2020-13671
CWE-434
High
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13675)
CVE-2020-13675
CWE-434
Critical
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)
CVE-2022-25277
CWE-434
High
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
CVE-2010-2471
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)
CVE-2015-2749
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
CVE-2015-2750
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
CVE-2015-7943
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451)
CVE-2016-9451
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)
CVE-2017-6932
CWE-601
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
CVE-2020-13662
CWE-601
Medium
Drupal Views module information disclosure vulnerability
-
CWE-200
Medium
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
CVE-2014-5325
CWE-200
Medium
DWR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5326)
CVE-2014-5326
CWE-707
Medium
e107 Credentials Management Errors Vulnerability (CVE-2013-7305)
CVE-2013-7305
-
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084)
CVE-2010-5084
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
CVE-2011-4947
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433)
CVE-2012-6433
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)
CVE-2012-6434
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
CVE-2017-8098
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)
CVE-2018-11127
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
CVE-2018-15901
CWE-352
High
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
CVE-2018-17081
CWE-352
Medium
e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753)
CVE-2016-10753
CWE-502
High
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
CVE-2011-3731
CWE-200
Medium
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
CVE-2008-1989
CWE-94
Critical
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0857)
CVE-2006-0857
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6208)
CVE-2008-6208
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)
CVE-2009-3444
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)
CVE-2009-4083
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0997)
CVE-2010-0997
CWE-707
Low
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757)
CVE-2010-4757
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0457)
CVE-2011-0457
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)
CVE-2011-4920
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843)
CVE-2012-3843
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750)
CVE-2013-2750
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1041)
CVE-2015-1041
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1057)
CVE-2015-1057
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-11734)
CVE-2018-11734
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381)
CVE-2018-16381
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423)
CVE-2018-17423
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36121)
CVE-2023-36121
CWE-707
Medium
e107 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2011-1513)
CVE-2011-1513
CWE-138
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-2416)
CVE-2006-2416
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5320)
CVE-2008-5320
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1409)
CVE-2009-1409
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084)
CVE-2009-4084
CWE-138
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921)
CVE-2011-4921
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4946)
CVE-2011-4946
CWE-138
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378)
CVE-2016-10378
CWE-138
High
«
1
...
34
35
36
...
313
»
