Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

Medium Severity Vulnerabilities

Found 15376 vulnerabilities at Medium severity.

Reference
Title
Technology
CVE-2019-11016
Elgg URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Elgg
CVE-2011-2935
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2013-0234
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2012-6563
Elgg Permissions Privileges and Access Controls Vulnerability
Elgg
CVE-2012-6562
Elgg Permissions Privileges and Access Controls Vulnerability
Elgg
CVE-2012-6561
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2011-3733
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Elgg
CVE-2021-3964
Elgg Authorization Bypass Through User-Controlled Key Vulnerability
Elgg
CVE-2021-4072
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Elgg
CVE-2018-7202
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2017-9783
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2021-40888
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2021-40886
ProjectSend Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
ProjectSend
CVE-2017-20101
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability
ProjectSend
CVE-2023-0607
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2017-9786
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2019-11533
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2024-7658
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability
ProjectSend
CVE-2023-53906
ProjectSend Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
ProjectSend
CVE-2020-8127
reveal.js Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
reveal.js
CVE-2022-0776
reveal.js Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
reveal.js
CVE-2012-2913
WordPress Plugin Leaflet id Parameter Cross-Site Scripting
WP Plugin Leaflet
CVE-2020-15400
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
CakePHP
CVE-2012-4399
CakePHP Permissions Privileges and Access Controls Vulnerability
CakePHP
CVE-2011-3712
CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
CakePHP
CVE-2006-5031
CakePHP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
CakePHP
CVE-2006-4067
CakePHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
CakePHP
CVE-2026-23643
CakePHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
CakePHP
CVE-2017-5553
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution
CVE-2016-7150
b2evolution Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
b2evolution