Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Medium Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Medium Severity Vulnerabilities
Found
8230 vulnerabilities
at
Medium
severity.
Vulnerability Name
CVE
CWE
Severity
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-45604)
CVE-2024-45604
CWE-22
Medium
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-45612)
CVE-2024-45612
CWE-138
Medium
Moodle Missing Authorization Vulnerability (CVE-2024-45689)
CVE-2024-45689
CWE-862
Medium
Moodle CVE-2024-45691 Vulnerability (CVE-2024-45691)
CVE-2024-45691
-
Medium
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2024-45808)
CVE-2024-45808
CWE-116
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45965)
CVE-2024-45965
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240)
CVE-2024-46240
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46333)
CVE-2024-46333
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46605)
CVE-2024-46605
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46606)
CVE-2024-46606
CWE-707
Medium
XWikiplatform Other Vulnerability (CVE-2024-46978)
CVE-2024-46978
-
Medium
XWikiplatform Other Vulnerability (CVE-2024-46979)
CVE-2024-46979
-
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47184)
CVE-2024-47184
CWE-707
Medium
TYPO3 Incorrect Authorization Vulnerability (CVE-2024-47780)
CVE-2024-47780
CWE-863
Medium
Jenkins Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-47803)
CVE-2024-47803
CWE-209
Medium
Jenkins CVE-2024-47804 Vulnerability (CVE-2024-47804)
CVE-2024-47804
-
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-47828)
CVE-2024-47828
CWE-352
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-47913)
CVE-2024-47913
CWE-532
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706)
CVE-2024-48706
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48707)
CVE-2024-48707
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48708)
CVE-2024-48708
CWE-707
Medium
Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-48896)
CVE-2024-48896
CWE-209
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-48897)
CVE-2024-48897
CWE-863
Medium
Moodle Missing Authorization Vulnerability (CVE-2024-48898)
CVE-2024-48898
CWE-862
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-48899)
CVE-2024-48899
CWE-639
Medium
Moodle CVE-2024-48900 Vulnerability (CVE-2024-48900)
CVE-2024-48900
-
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-48901)
CVE-2024-48901
CWE-863
Medium
SharePoint CVE-2024-49062 Vulnerability (CVE-2024-49062)
CVE-2024-49062
-
Medium
SharePoint CVE-2024-49064 Vulnerability (CVE-2024-49064)
CVE-2024-49064
-
Medium
SharePoint CVE-2024-49065 Vulnerability (CVE-2024-49065)
CVE-2024-49065
-
Medium
PostgreSQL Missing Authorization Vulnerability (CVE-2024-4317)
CVE-2024-4317
CWE-862
Medium
WP Plugin Contact Form 7 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-4704)
CVE-2024-4704
CWE-601
Medium
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50801)
CVE-2024-50801
CWE-138
Medium
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50802)
CVE-2024-50802
CWE-138
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51142)
CVE-2024-51142
CWE-707
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488)
CVE-2024-51488
CWE-352
Medium
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51489)
CVE-2024-51489
CWE-352
Medium
Craft CMS Files or Directories Accessible to External Parties Vulnerability (CVE-2024-52292)
CVE-2024-52292
CWE-552
Medium
Apache Tomcat Inadequate Encryption Strength Vulnerability (CVE-2024-52317)
CVE-2024-52317
CWE-326
Medium
Apache Tomcat Inadequate Encryption Strength Vulnerability (CVE-2024-52318)
CVE-2024-52318
CWE-326
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-52701)
CVE-2024-52701
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-52702)
CVE-2024-52702
CWE-707
Medium
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2024-54677)
CVE-2024-54677
CWE-400
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-55635)
CVE-2024-55635
CWE-707
Medium
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876)
CVE-2024-55876
CWE-862
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-55891)
CVE-2024-55891
CWE-532
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-55892)
CVE-2024-55892
CWE-601
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55893)
CVE-2024-55893
CWE-749
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55894)
CVE-2024-55894
CWE-352
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55920)
CVE-2024-55920
CWE-749
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55922)
CVE-2024-55922
CWE-749
Medium
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55923)
CVE-2024-55923
CWE-749
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55945)
CVE-2024-55945
CWE-352
Medium
Apache Traffic Server CVE-2024-56195 Vulnerability (CVE-2024-56195)
CVE-2024-56195
-
Medium
Apache Traffic Server CVE-2024-56196 Vulnerability (CVE-2024-56196)
CVE-2024-56196
-
Medium
Apache Traffic Server CVE-2024-56202 Vulnerability (CVE-2024-56202)
CVE-2024-56202
-
Medium
Next.js Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-56332)
CVE-2024-56332
CWE-770
Medium
PHP Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-5458)
CVE-2024-5458
CWE-345
Medium
MongoDb Missing Authorization Vulnerability (CVE-2024-6375)
CVE-2024-6375
CWE-862
Medium
MongoDb CVE-2024-6384 Vulnerability (CVE-2024-6384)
CVE-2024-6384
-
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6484)
CVE-2024-6484
CWE-707
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6700)
CVE-2024-6700
CWE-707
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6701)
CVE-2024-6701
CWE-707
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6702)
CVE-2024-6702
CWE-707
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-6762)
CVE-2024-6762
CWE-770
Medium
Jetty Other Vulnerability (CVE-2024-6763)
CVE-2024-6763
-
Medium
Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-7312)
CVE-2024-7312
CWE-601
Medium
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-7658)
CVE-2024-7658
CWE-639
Medium
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-8184)
CVE-2024-8184
CWE-770
Medium
MongoDb Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2024-8207)
CVE-2024-8207
CWE-610
Medium
MongoDb Other Vulnerability (CVE-2024-8305)
CVE-2024-8305
-
Medium
AngularJS Other Vulnerability (CVE-2024-8372)
CVE-2024-8372
-
Medium
AngularJS Other Vulnerability (CVE-2024-8373)
CVE-2024-8373
-
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-8519)
CVE-2024-8519
CWE-707
Medium
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8520)
CVE-2024-8520
CWE-352
Medium
« Previous
1
...
102
103
104
105
106
107
108
109
110
Next »
