Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 8230 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-47939)
CVE-2025-47939
CWE-434
Medium
Next.js Missing Origin Validation in WebSockets Vulnerability (CVE-2025-48068)
CVE-2025-48068
-
Medium
MyBB Exposure of Sensitive Information Through Metadata Vulnerability (CVE-2025-48941)
CVE-2025-48941
CWE-1230
Medium
SharePoint Improper Authentication Vulnerability (CVE-2025-49706)
CVE-2025-49706
CWE-287
Medium
WebLogic Improper Privilege Management Vulnerability (CVE-2025-50064)
CVE-2025-50064
CWE-269
Medium
Oracle Database Server Improper Access Control Vulnerability (CVE-2025-50070)
CVE-2025-50070
CWE-284
Medium
WebLogic Improper Access Control Vulnerability (CVE-2025-50072)
CVE-2025-50072
CWE-284
Medium
WebLogic Improper Authorization Vulnerability (CVE-2025-50073)
CVE-2025-50073
CWE-285
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50076)
CVE-2025-50076
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50077)
CVE-2025-50077
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50078)
CVE-2025-50078
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50079)
CVE-2025-50079
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50080)
CVE-2025-50080
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50082)
CVE-2025-50082
CWE-400
Medium
MySQL CVE-2025-50083 Vulnerability (CVE-2025-50083)
CVE-2025-50083
-
Medium
MySQL Incorrect Authorization Vulnerability (CVE-2025-50084)
CVE-2025-50084
CWE-863
Medium
MySQL Incorrect Authorization Vulnerability (CVE-2025-50085)
CVE-2025-50085
CWE-863
Medium
MySQL Incorrect Authorization Vulnerability (CVE-2025-50086)
CVE-2025-50086
CWE-863
Medium
MySQL CVE-2025-50087 Vulnerability (CVE-2025-50087)
CVE-2025-50087
-
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50088)
CVE-2025-50088
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50089)
CVE-2025-50089
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50091)
CVE-2025-50091
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50092)
CVE-2025-50092
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50093)
CVE-2025-50093
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50094)
CVE-2025-50094
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50095)
CVE-2025-50095
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50096)
CVE-2025-50096
CWE-400
Medium
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50097)
CVE-2025-50097
CWE-400
Medium
MySQL CVE-2025-50099 Vulnerability (CVE-2025-50099)
CVE-2025-50099
-
Medium
MySQL CVE-2025-50101 Vulnerability (CVE-2025-50101)
CVE-2025-50101
-
Medium
MySQL CVE-2025-50102 Vulnerability (CVE-2025-50102)
CVE-2025-50102
-
Medium
MySQL CVE-2025-50103 Vulnerability (CVE-2025-50103)
CVE-2025-50103
-
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-51990)
CVE-2025-51990
CWE-707
Medium
EspoCRM Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') Vulnerability (CVE-2025-52575)
CVE-2025-52575
CWE-138
Medium
EspoCRM Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-52892)
CVE-2025-52892
-
Medium
Moodle Session Fixation Vulnerability (CVE-2025-53021)
CVE-2025-53021
CWE-384
Medium
SharePoint Buffer Over-read Vulnerability (CVE-2025-53736)
CVE-2025-53736
CWE-126
Medium
SharePoint Improper Authentication Vulnerability (CVE-2025-53771)
CVE-2025-53771
CWE-287
Medium
Apache HTTP Server Incorrect Check of Function Return Value Vulnerability (CVE-2025-54090)
CVE-2025-54090
CWE-253
Medium
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54124)
CVE-2025-54124
CWE-359
Medium
XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54125)
CVE-2025-54125
CWE-359
Medium
Next.js Improper Input Validation Vulnerability (CVE-2025-55173)
CVE-2025-55173
CWE-20
Medium
Apache Tomcat Session Fixation Vulnerability (CVE-2025-55668)
CVE-2025-55668
CWE-384
Medium
Next.js Use of Cache Containing Sensitive Information Vulnerability (CVE-2025-57752)
CVE-2025-57752
CWE-524
Medium
Contao Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-57756)
CVE-2025-57756
CWE-200
Medium
Contao Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-57757)
CVE-2025-57757
CWE-200
Medium
Contao Improper Access Control Vulnerability (CVE-2025-57758)
CVE-2025-57758
CWE-284
Medium
Contao Improper Privilege Management Vulnerability (CVE-2025-57759)
CVE-2025-57759
CWE-269
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-59013)
CVE-2025-59013
CWE-601
Medium
TYPO3 Insufficient Entropy Vulnerability (CVE-2025-59015)
CVE-2025-59015
CWE-331
Medium
TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-59016)
CVE-2025-59016
CWE-209
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59018)
CVE-2025-59018
CWE-200
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59019)
CVE-2025-59019
CWE-200
Medium
Jboss EAP Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-5731)
CVE-2025-5731
CWE-209
Medium
PHP NULL Pointer Dereference Vulnerability (CVE-2025-6491)
CVE-2025-6491
CWE-476
Medium