Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
PHP CVE-2024-3096 Vulnerability (CVE-2024-3096)
CVE-2024-3096
-
Medium
Dot CMS CVE-2024-3164 Vulnerability (CVE-2024-3164)
CVE-2024-3164
-
Medium
Dot CMS Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-3165)
CVE-2024-3165
CWE-532
Medium
MongoDb Reachable Assertion Vulnerability (CVE-2024-3374)
CVE-2024-3374
CWE-617
Medium
Artifactory CVE-2024-3505 Vulnerability (CVE-2024-3505)
CVE-2024-3505
-
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-3938)
CVE-2024-3938
CWE-707
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-40596)
CVE-2024-40596
CWE-532
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-40598)
CVE-2024-40598
CWE-532
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40599)
CVE-2024-40599
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40600)
CVE-2024-40600
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40601)
CVE-2024-40601
CWE-352
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40602)
CVE-2024-40602
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40603)
CVE-2024-40603
CWE-352
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40604)
CVE-2024-40604
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40605)
CVE-2024-40605
CWE-707
Medium
GeoServer Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40625)
CVE-2024-40625
CWE-918
Medium
Apache HTTP Server CVE-2024-40725 Vulnerability (CVE-2024-40725)
CVE-2024-40725
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40743)
CVE-2024-40743
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40747)
CVE-2024-40747
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41665)
CVE-2024-41665
CWE-707
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947)
CVE-2024-41947
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-42901)
CVE-2024-42901
CWE-707
Medium
LimeSurvey Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-42903)
CVE-2024-42903
CWE-138
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43018)
CVE-2024-43018
CWE-138
Medium
Jenkins Missing Authorization Vulnerability (CVE-2024-43045)
CVE-2024-43045
CWE-862
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43400)
CVE-2024-43400
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43407)
CVE-2024-43407
CWE-707
Medium
Moodle Cleartext Storage of Sensitive Information Vulnerability (CVE-2024-43429)
CVE-2024-43429
CWE-312
Medium
Moodle Incorrect Default Permissions Vulnerability (CVE-2024-43430)
CVE-2024-43430
CWE-276
Medium
Moodle Cleartext Transmission of Sensitive Information Vulnerability (CVE-2024-43432)
CVE-2024-43432
CWE-319
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-43433)
CVE-2024-43433
CWE-863
Medium
Moodle Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43435)
CVE-2024-43435
CWE-754
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43437)
CVE-2024-43437
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43439)
CVE-2024-43439
CWE-707
Medium
Django CVE-2024-45231 Vulnerability (CVE-2024-45231)
CVE-2024-45231
-
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45406)
CVE-2024-45406
CWE-707
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591)
CVE-2024-45591
CWE-862
Medium
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-45604)
CVE-2024-45604
CWE-22
Medium
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-45612)
CVE-2024-45612
CWE-138
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45613)
CVE-2024-45613
CWE-707
Medium
Moodle Missing Authorization Vulnerability (CVE-2024-45689)
CVE-2024-45689
CWE-862
Medium
Moodle CVE-2024-45691 Vulnerability (CVE-2024-45691)
CVE-2024-45691
-
Medium
DOMPurify Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2024-45801)
CVE-2024-45801
CWE-1321
Medium
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2024-45808)
CVE-2024-45808
CWE-116
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45965)
CVE-2024-45965
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240)
CVE-2024-46240
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46333)
CVE-2024-46333
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46605)
CVE-2024-46605
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46606)
CVE-2024-46606
CWE-707
Medium
XWikiplatform Other Vulnerability (CVE-2024-46978)
CVE-2024-46978
-
Medium
XWikiplatform Other Vulnerability (CVE-2024-46979)
CVE-2024-46979
-
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47184)
CVE-2024-47184
CWE-707
Medium
TYPO3 Incorrect Authorization Vulnerability (CVE-2024-47780)
CVE-2024-47780
CWE-863
Medium
Jenkins Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-47803)
CVE-2024-47803
CWE-209
Medium
Jenkins CVE-2024-47804 Vulnerability (CVE-2024-47804)
CVE-2024-47804
-
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-47828)
CVE-2024-47828
CWE-352
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47875)
CVE-2024-47875
CWE-707
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-47913)
CVE-2024-47913
CWE-532
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706)
CVE-2024-48706
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48707)
CVE-2024-48707
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48708)
CVE-2024-48708
CWE-707
Medium
Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-48896)
CVE-2024-48896
CWE-209
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-48897)
CVE-2024-48897
CWE-863
Medium
Moodle Missing Authorization Vulnerability (CVE-2024-48898)
CVE-2024-48898
CWE-862
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-48899)
CVE-2024-48899
CWE-639
Medium
Moodle CVE-2024-48900 Vulnerability (CVE-2024-48900)
CVE-2024-48900
-
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-48901)
CVE-2024-48901
CWE-863
Medium
SharePoint CVE-2024-49062 Vulnerability (CVE-2024-49062)
CVE-2024-49062
-
Medium
SharePoint CVE-2024-49064 Vulnerability (CVE-2024-49064)
CVE-2024-49064
-
Medium
SharePoint CVE-2024-49065 Vulnerability (CVE-2024-49065)
CVE-2024-49065
-
Medium
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-49766)
CVE-2024-49766
CWE-22
Medium
PostgreSQL Missing Authorization Vulnerability (CVE-2024-4317)
CVE-2024-4317
CWE-862
Medium
WP Plugin Advanced Custom Fields CVE-2024-4565 Vulnerability (CVE-2024-4565)
CVE-2024-4565
-
Medium
WP Plugin Contact Form 7 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-4704)
CVE-2024-4704
CWE-601
Medium
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-50337)
CVE-2024-50337
CWE-918
Medium