Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-5545)
CVE-2023-5545
CWE-668
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5546)
CVE-2023-5546
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5547)
CVE-2023-5547
CWE-707
Medium
Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2023-5548)
CVE-2023-5548
CWE-345
Medium
Moodle Improper Privilege Management Vulnerability (CVE-2023-5549)
CVE-2023-5549
CWE-269
Medium
WordPress CVE-2023-5561 Vulnerability (CVE-2023-5561)
CVE-2023-5561
-
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5631)
CVE-2023-5631
CWE-707
Medium
OpenSSL Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2023-5678)
CVE-2023-5678
CWE-754
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5842)
CVE-2023-5842
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5863)
CVE-2023-5863
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5864)
CVE-2023-5864
CWE-707
Medium
phpMyFAQ Sensitive Cookie in HTTPS Session Without 'Secure' Attribute Vulnerability (CVE-2023-5866)
CVE-2023-5866
CWE-614
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5867)
CVE-2023-5867
CWE-707
Medium
PostgreSQL CVE-2023-5868 Vulnerability (CVE-2023-5868)
CVE-2023-5868
-
Medium
PostgreSQL CVE-2023-5870 Vulnerability (CVE-2023-5870)
CVE-2023-5870
-
Medium
phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5917)
CVE-2023-5917
CWE-707
Medium
OpenSSL Out-of-bounds Write Vulnerability (CVE-2023-6129)
CVE-2023-6129
CWE-787
Medium
Grafana Incorrect Authorization Vulnerability (CVE-2023-6152)
CVE-2023-6152
CWE-863
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6296)
CVE-2023-6296
CWE-707
Medium
Python CVE-2023-6507 Vulnerability (CVE-2023-6507)
CVE-2023-6507
-
Medium
TCExam Missing Authorization Vulnerability (CVE-2023-6554)
CVE-2023-6554
CWE-862
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6609)
CVE-2023-6609
CWE-707
Medium
WP Plugin Contact Form 7 Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2023-6630)
CVE-2023-6630
CWE-639
Medium
WP Plugin Advanced Custom Fields Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6701)
CVE-2023-6701
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6889)
CVE-2023-6889
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6890)
CVE-2023-6890
CWE-707
Medium
Sqlite Use After Free Vulnerability (CVE-2024-0232)
CVE-2024-0232
CWE-416
Medium
OpenSSL CVE-2024-0727 Vulnerability (CVE-2024-0727)
CVE-2024-0727
-
Medium
WordPress Ultimate Member Plugin Missing Authorization Vulnerability (CVE-2024-10528)
CVE-2024-10528
CWE-862
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10716)
CVE-2024-10716
CWE-707
Medium
PostgreSQL CVE-2024-10976 Vulnerability (CVE-2024-10976)
CVE-2024-10976
-
Medium
PostgreSQL CVE-2024-10978 Vulnerability (CVE-2024-10978)
CVE-2024-10978
-
Medium
Drupal Other Vulnerability (CVE-2024-11942)
CVE-2024-11942
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-11993)
CVE-2024-11993
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-11993)
CVE-2024-11993
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-12276)
CVE-2024-12276
CWE-138
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-12393)
CVE-2024-12393
CWE-707
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-1102)
CVE-2024-1102
CWE-200
Medium
Oracle Database Server CVE-2024-20903 Vulnerability (CVE-2024-20903)
CVE-2024-20903
-
Medium
Oracle JRE CVE-2024-20919 Vulnerability (CVE-2024-20919)
CVE-2024-20919
-
Medium
Oracle JRE Incorrect Default Permissions Vulnerability (CVE-2024-20921)
CVE-2024-20921
CWE-276
Medium
Oracle JRE CVE-2024-20926 Vulnerability (CVE-2024-20926)
CVE-2024-20926
-
Medium
Oracle JRE CVE-2024-20945 Vulnerability (CVE-2024-20945)
CVE-2024-20945
-
Medium
MySQL CVE-2024-20961 Vulnerability (CVE-2024-20961)
CVE-2024-20961
-
Medium
MySQL CVE-2024-20963 Vulnerability (CVE-2024-20963)
CVE-2024-20963
-
Medium
MySQL CVE-2024-20965 Vulnerability (CVE-2024-20965)
CVE-2024-20965
-
Medium
MySQL CVE-2024-20967 Vulnerability (CVE-2024-20967)
CVE-2024-20967
-
Medium
MySQL CVE-2024-20969 Vulnerability (CVE-2024-20969)
CVE-2024-20969
-
Medium
MySQL CVE-2024-20971 Vulnerability (CVE-2024-20971)
CVE-2024-20971
-
Medium
MySQL CVE-2024-20973 Vulnerability (CVE-2024-20973)
CVE-2024-20973
-
Medium
MySQL CVE-2024-20975 Vulnerability (CVE-2024-20975)
CVE-2024-20975
-
Medium
MySQL CVE-2024-20977 Vulnerability (CVE-2024-20977)
CVE-2024-20977
-
Medium
MySQL CVE-2024-20981 Vulnerability (CVE-2024-20981)
CVE-2024-20981
-
Medium
MySQL CVE-2024-20983 Vulnerability (CVE-2024-20983)
CVE-2024-20983
-
Medium
MySQL CVE-2024-20985 Vulnerability (CVE-2024-20985)
CVE-2024-20985
-
Medium
WebLogic CVE-2024-20986 Vulnerability (CVE-2024-20986)
CVE-2024-20986
-
Medium
Oracle HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-20991)
CVE-2024-20991
CWE-200
Medium
MySQL CVE-2024-20996 Vulnerability (CVE-2024-20996)
CVE-2024-20996
-
Medium
MySQL CVE-2024-21047 Vulnerability (CVE-2024-21047)
CVE-2024-21047
-
Medium
MySQL CVE-2024-21049 Vulnerability (CVE-2024-21049)
CVE-2024-21049
-
Medium
MySQL CVE-2024-21050 Vulnerability (CVE-2024-21050)
CVE-2024-21050
-
Medium
MySQL CVE-2024-21051 Vulnerability (CVE-2024-21051)
CVE-2024-21051
-
Medium
MySQL CVE-2024-21055 Vulnerability (CVE-2024-21055)
CVE-2024-21055
-
Medium
MySQL CVE-2024-21056 Vulnerability (CVE-2024-21056)
CVE-2024-21056
-
Medium
Oracle Database Server CVE-2024-21058 Vulnerability (CVE-2024-21058)
CVE-2024-21058
-
Medium
MySQL CVE-2024-21061 Vulnerability (CVE-2024-21061)
CVE-2024-21061
-
Medium
MySQL CVE-2024-21062 Vulnerability (CVE-2024-21062)
CVE-2024-21062
-
Medium
Oracle Database Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21066)
CVE-2024-21066
CWE-707
Medium
MySQL CVE-2024-21069 Vulnerability (CVE-2024-21069)
CVE-2024-21069
-
Medium
MySQL CVE-2024-21087 Vulnerability (CVE-2024-21087)
CVE-2024-21087
-
Medium
MySQL CVE-2024-21096 Vulnerability (CVE-2024-21096)
CVE-2024-21096
-
Medium
MySQL CVE-2024-21102 Vulnerability (CVE-2024-21102)
CVE-2024-21102
-
Medium
MySQL CVE-2024-21125 Vulnerability (CVE-2024-21125)
CVE-2024-21125
-
Medium
Oracle Database Server Uncontrolled Resource Consumption Vulnerability (CVE-2024-21126)
CVE-2024-21126
CWE-400
Medium
MySQL CVE-2024-21127 Vulnerability (CVE-2024-21127)
CVE-2024-21127
-
Medium