Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 14578 vulnerabilities at Medium severity.

Reference
Title
Technology
CVE-2015-3989
concrete5 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
concrete5
CVE-2015-2250
concrete5 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
concrete5
CVE-2014-9526
concrete5 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
concrete5
CVE-2014-5108
concrete5 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
concrete5
CVE-2014-5107
concrete5 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
concrete5
CVE-2012-5181
concrete5 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
concrete5
CVE-2019-11016
Elgg URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Elgg
CVE-2011-2935
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2013-0234
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2012-6563
Elgg Permissions Privileges and Access Controls Vulnerability
Elgg
CVE-2012-6562
Elgg Permissions Privileges and Access Controls Vulnerability
Elgg
CVE-2012-6561
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2011-3733
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Elgg
CVE-2021-3964
Elgg Authorization Bypass Through User-Controlled Key Vulnerability
Elgg
CVE-2021-4072
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2018-7202
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2017-9783
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2021-40888
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2021-40886
ProjectSend Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
ProjectSend
CVE-2017-20101
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability
ProjectSend
CVE-2023-0607
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2017-9786
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2019-11533
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2024-7658
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability
ProjectSend
CVE-2020-8127
reveal.js Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
reveal.js
CVE-2022-0776
reveal.js Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
reveal.js
CVE-2012-2913
WordPress Plugin Leaflet id Parameter Cross-Site Scripting
WP Plugin Leaflet
CVE-2020-15400
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
CakePHP
CVE-2012-4399
CakePHP Permissions Privileges and Access Controls Vulnerability
CakePHP
CVE-2011-3712
CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
CakePHP