Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Medium Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Medium Severity Vulnerabilities
Found
8230 vulnerabilities
at
Medium
severity.
Vulnerability Name
CVE
CWE
Severity
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25151)
CVE-2024-25151
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25151)
CVE-2024-25151
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)
CVE-2024-25152
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)
CVE-2024-25152
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)
CVE-2024-25601
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25601)
CVE-2024-25601
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25602)
CVE-2024-25602
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25602)
CVE-2024-25602
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25603)
CVE-2024-25603
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25603)
CVE-2024-25603
CWE-707
Medium
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-25604)
CVE-2024-25604
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25604)
CVE-2024-25604
CWE-863
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
CVE-2024-25608
CWE-601
Medium
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25609)
CVE-2024-25609
CWE-601
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)
CVE-2024-25979
-
Medium
Moodle CVE-2024-25980 Vulnerability (CVE-2024-25980)
CVE-2024-25980
-
Medium
Moodle CVE-2024-25981 Vulnerability (CVE-2024-25981)
CVE-2024-25981
-
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-25983)
CVE-2024-25983
CWE-639
Medium
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-26129)
CVE-2024-26129
CWE-22
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)
CVE-2024-26143
CWE-707
Medium
Ruby on Rails CVE-2024-26144 Vulnerability (CVE-2024-26144)
CVE-2024-26144
-
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-26265)
CVE-2024-26265
CWE-770
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266)
CVE-2024-26266
CWE-707
Medium
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
CVE-2024-26268
CWE-203
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)
CVE-2024-26269
CWE-707
Medium
Liferay Portal Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Liferay DXP Other Vulnerability (CVE-2024-26270)
CVE-2024-26270
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26278)
CVE-2024-26278
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)
CVE-2024-26279
CWE-707
Medium
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26450)
CVE-2024-26450
CWE-352
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-27184)
CVE-2024-27184
CWE-601
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27186)
CVE-2024-27186
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27300)
CVE-2024-27300
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27525)
CVE-2024-27525
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27626)
CVE-2024-27626
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28106)
CVE-2024-28106
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28108)
CVE-2024-28108
CWE-707
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28190)
CVE-2024-28190
CWE-707
Medium
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-28191)
CVE-2024-28191
CWE-138
Medium
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
CVE-2024-28234
-
Medium
Contao CVE-2024-28235 Vulnerability (CVE-2024-28235)
CVE-2024-28235
-
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-28593)
CVE-2024-28593
CWE-94
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28662)
CVE-2024-28662
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28709)
CVE-2024-28709
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28710)
CVE-2024-28710
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28793)
CVE-2024-28793
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28852)
CVE-2024-28852
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853)
CVE-2024-28853
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29179)
CVE-2024-29179
CWE-707
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29203)
CVE-2024-29203
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29374)
CVE-2024-29374
CWE-707
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29881)
CVE-2024-29881
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2123)
CVE-2024-2123
CWE-707
Medium
WP Plugin Contact Form 7 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2242)
CVE-2024-2242
CWE-707
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2247)
CVE-2024-2247
CWE-707
Medium
PHP Observable Discrepancy Vulnerability (CVE-2024-2408)
CVE-2024-2408
CWE-203
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2765)
CVE-2024-2765
CWE-707
Medium
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-30617)
CVE-2024-30617
CWE-352
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-30618)
CVE-2024-30618
CWE-707
Medium
XWikiplatform Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-31464)
CVE-2024-31464
CWE-916
Medium
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31985)
CVE-2024-31985
CWE-352
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-32464)
CVE-2024-32464
CWE-707
Medium
Moodle CVE-2024-33996 Vulnerability (CVE-2024-33996)
CVE-2024-33996
-
Medium
« Previous
1
...
103
104
105
106
107
108
109
110
Next »
