Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 14578 vulnerabilities at Medium severity.

Reference
Title
Technology
CVE-2006-5031
CakePHP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
CakePHP
CVE-2006-4067
CakePHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
CakePHP
CVE-2017-5553
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2016-7150
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2016-7149
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2017-5494
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2020-22841
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2020-22840
b2evolution URL Redirection to Untrusted Site (Open Redirect) Vulnerability
b2evolution
CVE-2014-9599
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2013-7352
b2evolution Cross-Site Request Forgery (CSRF) Vulnerability
b2evolution
CVE-2013-2945
b2evolution Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
b2evolution
CVE-2012-5911
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2012-5910
b2evolution Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
b2evolution
CVE-2011-3709
b2evolution Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
b2evolution
CVE-2007-0175
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2006-6197
b2evolution Other Vulnerability
b2evolution
CVE-2006-0847
CherryPy Other Vulnerability
CherryPy
CVE-2014-4333
Dolphin Cross-Site Request Forgery (CSRF) Vulnerability
Dolphin
CVE-2014-3810
Dolphin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Dolphin
CVE-2012-0873
Dolphin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Dolphin
CVE-2011-3728
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Dolphin
CVE-2006-5410
Dolphin Other Vulnerability
Dolphin
CVE-2006-4189
Dolphin Other Vulnerability
Dolphin
CVE-2021-27969
Dolphin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Dolphin
CVE-2020-8143
ReviveAdserver URL Redirection to Untrusted Site (Open Redirect) Vulnerability
ReviveAdserver
CVE-2020-8142
ReviveAdserver Incorrect Authorization Vulnerability
ReviveAdserver
CVE-2020-8115
ReviveAdserver Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ReviveAdserver
CVE-2019-5433
ReviveAdserver URL Redirection to Untrusted Site (Open Redirect) Vulnerability
ReviveAdserver
CVE-2016-9472
ReviveAdserver Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ReviveAdserver
CVE-2016-9457
ReviveAdserver Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ReviveAdserver