Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
MyBB CVE-2024-23335 Vulnerability (CVE-2024-23335)
CVE-2024-23335
-
Medium
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-23336)
CVE-2024-23336
CWE-918
Medium
GeoServer Other Vulnerability (CVE-2024-23634)
CVE-2024-23634
-
Medium
Squid Operation on a Resource after Expiration or Release Vulnerability (CVE-2024-23638)
CVE-2024-23638
CWE-672
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23640)
CVE-2024-23640
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23642)
CVE-2024-23642
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23643)
CVE-2024-23643
CWE-707
Medium
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2024-23672)
CVE-2024-23672
CWE-459
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23817)
CVE-2024-23817
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23818)
CVE-2024-23818
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23819)
CVE-2024-23819
CWE-707
Medium
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23821)
CVE-2024-23821
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24574)
CVE-2024-24574
CWE-707
Medium
Apache HTTP Server Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2024-24795)
CVE-2024-24795
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24815)
CVE-2024-24815
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24816)
CVE-2024-24816
CWE-707
Medium
EspoCRM URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-24818)
CVE-2024-24818
CWE-601
Medium
TYPO3 CVE-2024-25118 Vulnerability (CVE-2024-25118)
CVE-2024-25118
-
Medium
TYPO3 CVE-2024-25119 Vulnerability (CVE-2024-25119)
CVE-2024-25119
-
Medium
TYPO3 CVE-2024-25120 Vulnerability (CVE-2024-25120)
CVE-2024-25120
-
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145)
CVE-2024-25145
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145)
CVE-2024-25145
CWE-707
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-25146)
CVE-2024-25146
CWE-203
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-25146)
CVE-2024-25146
CWE-203
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25147)
CVE-2024-25147
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25147)
CVE-2024-25147
CWE-707
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay DXP Other Vulnerability (CVE-2024-25150)
CVE-2024-25150
-
Medium
Liferay Portal Other Vulnerability (CVE-2024-25150)
CVE-2024-25150
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25151)
CVE-2024-25151
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25151)
CVE-2024-25151
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)
CVE-2024-25152
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)
CVE-2024-25152
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)
CVE-2024-25601
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)
CVE-2024-25601
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25602)
CVE-2024-25602
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25602)
CVE-2024-25602
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25603)
CVE-2024-25603
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25603)
CVE-2024-25603
CWE-707
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25604)
CVE-2024-25604
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25604)
CVE-2024-25604
CWE-863
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)
CVE-2024-25979
-
Medium
Moodle CVE-2024-25980 Vulnerability (CVE-2024-25980)
CVE-2024-25980
-
Medium
Moodle CVE-2024-25981 Vulnerability (CVE-2024-25981)
CVE-2024-25981
-
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-25983)
CVE-2024-25983
CWE-639
Medium
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-26129)
CVE-2024-26129
CWE-22
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)
CVE-2024-26143
CWE-707
Medium
Ruby on Rails CVE-2024-26144 Vulnerability (CVE-2024-26144)
CVE-2024-26144
-
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay Portal Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Liferay DXP Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26278)
CVE-2024-26278
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)
CVE-2024-26279
CWE-707
Medium