Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24254 vulnerabilities in 62 categories.

Critical: 1581 High: 13032 Medium: 8704 Low: 868 Information: 69
Vulnerability Name
CVE
CWE
Severity
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13666)
CVE-2020-13666
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13668)
CVE-2020-13668
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13669)
CVE-2020-13669
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13672)
CVE-2020-13672
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13688)
CVE-2020-13688
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9281)
CVE-2020-9281
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33829)
CVE-2021-33829
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
CVE-2021-41164
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
CVE-2021-41165
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
CVE-2021-41182
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
CVE-2021-41183
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
CVE-2021-41184
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
CVE-2022-24728
CWE-707
Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25276)
CVE-2022-25276
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-12393)
CVE-2024-12393
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-55635)
CVE-2024-55635
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3057)
CVE-2025-3057
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-31675)
CVE-2025-31675
CWE-707
Medium
Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664)
CVE-2020-13664
CWE-138
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2999)
CVE-2008-2999
CWE-138
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3223)
CVE-2008-3223
CWE-138
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2715)
CVE-2011-2715
CWE-138
Critical
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704)
CVE-2014-3704
CWE-138
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659)
CVE-2015-6659
CWE-138
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10910)
CVE-2019-10910
CWE-138
Critical
Drupal Improper Privilege Management Vulnerability (CVE-2017-6924)
CVE-2017-6924
CWE-269
High
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)
CVE-2022-31042
CWE-212
Medium
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31043)
CVE-2022-31043
CWE-212
Medium
Drupal Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2025-13081)
CVE-2025-13081
CWE-915
Medium
Drupal Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)
CVE-2019-11358
CWE-1321
Medium
Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)
CVE-2017-6381
CWE-829
High
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)
CVE-2011-2726
CWE-863
High
Drupal Incorrect Authorization Vulnerability (CVE-2017-6377)
CVE-2017-6377
CWE-863
High
Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)
CVE-2020-13676
CWE-863
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)
CVE-2022-25270
CWE-863
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2022-25274)
CVE-2022-25274
CWE-863
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2023-31250)
CVE-2023-31250
CWE-863
Medium
Drupal Incorrect Authorization Vulnerability (CVE-2025-31673)
CVE-2025-31673
CWE-863
Medium
Drupal Incorrect Default Permissions Vulnerability (CVE-2020-13667)
CVE-2020-13667
CWE-276
Medium
Drupal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-6928)
CVE-2017-6928
CWE-732
Medium
Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729)
CVE-2022-24729
CWE-1333
High
Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450)
CVE-2016-9450
CWE-345
High
Drupal Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-11941)
CVE-2024-11941
CWE-835
High
Drupal Missing Authorization Vulnerability (CVE-2017-6923)
CVE-2017-6923
CWE-862
Medium
Drupal Numeric Errors Vulnerability (CVE-2007-5416)
CVE-2007-5416
-
Medium
Drupal Other Vulnerability (CVE-2002-1806)
CVE-2002-1806
-
Medium
Drupal Other Vulnerability (CVE-2005-0682)
CVE-2005-0682
-
Medium
Drupal Other Vulnerability (CVE-2005-1871)
CVE-2005-1871
-
High
Drupal Other Vulnerability (CVE-2005-2106)
CVE-2005-2106
-
Medium
Drupal Other Vulnerability (CVE-2005-3973)
CVE-2005-3973
-
Medium
Drupal Other Vulnerability (CVE-2005-3974)
CVE-2005-3974
-
Medium
Drupal Other Vulnerability (CVE-2005-3975)
CVE-2005-3975
-
Medium
Drupal Other Vulnerability (CVE-2006-0070)
CVE-2006-0070
-
Medium
Drupal Other Vulnerability (CVE-2006-1225)
CVE-2006-1225
-
Medium
Drupal Other Vulnerability (CVE-2006-1226)
CVE-2006-1226
-
Medium
Drupal Other Vulnerability (CVE-2006-1227)
CVE-2006-1227
-
Medium
Drupal Other Vulnerability (CVE-2006-2260)
CVE-2006-2260
-
Medium
Drupal Other Vulnerability (CVE-2006-2742)
CVE-2006-2742
-
High
Drupal Other Vulnerability (CVE-2006-2743)
CVE-2006-2743
-
Medium
Drupal Other Vulnerability (CVE-2006-2831)
CVE-2006-2831
-
High
Drupal Other Vulnerability (CVE-2006-2832)
CVE-2006-2832
-
Low
Drupal Other Vulnerability (CVE-2006-2833)
CVE-2006-2833
-
Low
Drupal Other Vulnerability (CVE-2006-3570)
CVE-2006-3570
-
Medium
Drupal Other Vulnerability (CVE-2006-4002)
CVE-2006-4002
-
Medium
Drupal Other Vulnerability (CVE-2006-4120)
CVE-2006-4120
-
Medium
Drupal Other Vulnerability (CVE-2006-5475)
CVE-2006-5475
-
Medium
Drupal Other Vulnerability (CVE-2006-5476)
CVE-2006-5476
-
High
Drupal Other Vulnerability (CVE-2006-5477)
CVE-2006-5477
-
Low
Drupal Other Vulnerability (CVE-2007-0124)
CVE-2007-0124
-
Low
Drupal Other Vulnerability (CVE-2007-0658)
CVE-2007-0658
-
Medium
Drupal Other Vulnerability (CVE-2007-4063)
CVE-2007-4063
-
Medium
Drupal Other Vulnerability (CVE-2008-3661)
CVE-2008-3661
-
Medium
Drupal Other Vulnerability (CVE-2015-3232)
CVE-2015-3232
-
Medium
Drupal Other Vulnerability (CVE-2015-3233)
CVE-2015-3233
-
Medium