Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 14578 vulnerabilities at Medium severity.

Reference
Title
Technology
CVE-2018-2796
Oracle JRE Vulnerability
Oracle JRE
CVE-2025-30698
Oracle JRE Improper Access Control Vulnerability
Oracle JRE
CVE-2018-8046
Ext JS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Ext JS
CVE-2021-39391
Beego Framework Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Beego Framework
CVE-2019-16354
Beego Framework Incorrect Permission Assignment for Critical Resource Vulnerability
Beego Framework
CVE-2019-16355
Beego Framework Incorrect Default Permissions Vulnerability
Beego Framework
CVE-2020-17373
SugarCRM Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
SugarCRM
CVE-2020-17372
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2019-14974
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2018-17784
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2018-5715
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2017-14510
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2011-3803
SugarCRM Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
SugarCRM
CVE-2011-0745
SugarCRM Improper Input Validation Vulnerability
SugarCRM
CVE-2010-0465
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2009-2146
SugarCRM Other Vulnerability
SugarCRM
CVE-2008-2045
SugarCRM Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
SugarCRM
CVE-2006-6712
SugarCRM Other Vulnerability
SugarCRM
CVE-2006-2460
SugarCRM Other Vulnerability
SugarCRM
CVE-2005-0266
SugarCRM Other Vulnerability
SugarCRM
CVE-2004-1226
SugarCRM Gain Sensitive Information Vulnerability
SugarCRM
CVE-2020-36501
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2020-28956
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2020-28955
SugarCRM Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
SugarCRM
CVE-2019-16147
Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Liferay Portal
CVE-2017-17868
Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Liferay Portal
CVE-2011-1571
Liferay Portal Vulnerability
Liferay Portal
CVE-2011-1502
Liferay Portal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Liferay Portal
CVE-2009-3742
Liferay Portal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Liferay Portal
CVE-2021-29052
Liferay Portal Incorrect Default Permissions Vulnerability
Liferay Portal