🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Medium Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Medium Severity Vulnerabilities
Found
8734 vulnerabilities
at
Medium
severity.
Vulnerability Name
CVE
CWE
Severity
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3890)
CVE-2009-3890
CWE-94
Medium
Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-3896)
CVE-2009-3896
CWE-119
Medium
Nginx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-3898)
CVE-2009-3898
CWE-22
Medium
Joomla CVE-2009-3945 Vulnerability (CVE-2009-3945)
CVE-2009-3945
-
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3946)
CVE-2009-3946
CWE-200
Medium
PHP Other Vulnerability (CVE-2009-4017)
CVE-2009-4017
-
Medium
MySQL Other Vulnerability (CVE-2009-4019)
CVE-2009-4019
-
Medium
MySQL Improper Input Validation Vulnerability (CVE-2009-4028)
CVE-2009-4028
CWE-20
Medium
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2009-4030)
CVE-2009-4030
CWE-59
Medium
PostgreSQL Cryptographic Issues Vulnerability (CVE-2009-4034)
CVE-2009-4034
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4039)
CVE-2009-4039
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4040)
CVE-2009-4040
CWE-707
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4066)
CVE-2009-4066
CWE-352
Medium
Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4076)
CVE-2009-4076
CWE-352
Medium
Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4077)
CVE-2009-4077
CWE-352
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)
CVE-2009-4083
CWE-707
Medium
Python Out-of-bounds Write Vulnerability (CVE-2009-4134)
CVE-2009-4134
CWE-787
Medium
PostgreSQL Other Vulnerability (CVE-2009-4136)
CVE-2009-4136
-
Medium
PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4142)
CVE-2009-4142
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4214)
CVE-2009-4214
CWE-707
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4297)
CVE-2009-4297
CWE-352
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4298)
CVE-2009-4298
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4299)
CVE-2009-4299
CWE-264
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4300)
CVE-2009-4300
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4301)
CVE-2009-4301
CWE-264
Medium
Moodle Cryptographic Issues Vulnerability (CVE-2009-4302)
CVE-2009-4302
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4303)
CVE-2009-4303
CWE-200
Medium
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4305)
CVE-2009-4305
CWE-138
Medium
ZenCart Improper Input Validation Vulnerability (CVE-2009-4321)
CVE-2009-4321
CWE-20
Medium
ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)
CVE-2009-4322
CWE-200
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2009-4355)
CVE-2009-4355
-
Medium
Serendipity Other Vulnerability (CVE-2009-4412)
CVE-2009-4412
-
Medium
PHP Numeric Errors Vulnerability (CVE-2009-4418)
CVE-2009-4418
-
Medium
Internet Information Services CVE-2009-4444 Vulnerability (CVE-2009-4444)
CVE-2009-4444
-
Medium
Internet Information Services Improper Input Validation Vulnerability (CVE-2009-4445)
CVE-2009-4445
CWE-20
Medium
Nginx CVE-2009-4487 Vulnerability (CVE-2009-4487)
CVE-2009-4487
-
Medium
Cherokee Improper Input Validation Vulnerability (CVE-2009-4489)
CVE-2009-4489
CWE-20
Medium
Ruby Improper Input Validation Vulnerability (CVE-2009-4492)
CVE-2009-4492
CWE-20
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4562)
CVE-2009-4562
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4563)
CVE-2009-4563
CWE-707
Medium
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4564)
CVE-2009-4564
CWE-138
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4589)
CVE-2009-4589
CWE-707
Medium
phpMyAdmin Other Vulnerability (CVE-2009-4605)
CVE-2009-4605
-
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4780)
CVE-2009-4780
CWE-707
Medium
XOOPS Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4851)
CVE-2009-4851
CWE-264
Medium
PHP Numeric Errors Vulnerability (CVE-2009-5016)
CVE-2009-5016
-
Medium
MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-5026)
CVE-2009-5026
CWE-138
Medium
Jetty Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-5046)
CVE-2009-5046
CWE-707
Medium
Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-5145)
CVE-2009-5145
CWE-707
Medium
Apache HTTP Server Numeric Errors Vulnerability (CVE-2010-0010)
CVE-2010-0010
-
Medium
Oracle Application Server CVE-2010-0066 Vulnerability (CVE-2010-0066)
CVE-2010-0066
-
Medium
Oracle Application Server CVE-2010-0067 Vulnerability (CVE-2010-0067)
CVE-2010-0067
-
Medium
Oracle Application Server CVE-2010-0070 Vulnerability (CVE-2010-0070)
CVE-2010-0070
-
Medium
TYPO3 CVE-2010-0286 Vulnerability (CVE-2010-0286)
CVE-2010-0286
-
Medium
Lighttpd Resource Management Errors Vulnerability (CVE-2010-0295)
CVE-2010-0295
-
Medium
Squid Improper Input Validation Vulnerability (CVE-2010-0308)
CVE-2010-0308
CWE-20
Medium
PHP Other Vulnerability (CVE-2010-0397)
CVE-2010-0397
-
Medium
Apache HTTP Server Other Vulnerability (CVE-2010-0408)
CVE-2010-0408
-
Medium
OpenSSL Improper Input Validation Vulnerability (CVE-2010-0433)
CVE-2010-0433
CWE-20
Medium
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0434)
CVE-2010-0434
CWE-200
Medium
PostgreSQL Numeric Errors Vulnerability (CVE-2010-0442)
CVE-2010-0442
-
Medium
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464)
CVE-2010-0464
CWE-200
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0465)
CVE-2010-0465
CWE-707
Medium
Squid Other Vulnerability (CVE-2010-0639)
CVE-2010-0639
-
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0682)
CVE-2010-0682
CWE-264
Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0738)
CVE-2010-0738
CWE-264
Medium
OpenSSL Improper Input Validation Vulnerability (CVE-2010-0740)
CVE-2010-0740
CWE-20
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0817)
CVE-2010-0817
CWE-707
Medium
Oracle Database Server CVE-2010-0851 Vulnerability (CVE-2010-0851)
CVE-2010-0851
-
Medium
Oracle Database Server CVE-2010-0852 Vulnerability (CVE-2010-0852)
CVE-2010-0852
-
Medium
Oracle Database Server CVE-2010-0866 Vulnerability (CVE-2010-0866)
CVE-2010-0866
-
Medium
Oracle Database Server CVE-2010-0867 Vulnerability (CVE-2010-0867)
CVE-2010-0867
-
Medium
Oracle Database Server CVE-2010-0892 Vulnerability (CVE-2010-0892)
CVE-2010-0892
-
Medium
Oracle Database Server CVE-2010-0902 Vulnerability (CVE-2010-0902)
CVE-2010-0902
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2010-0928)
CVE-2010-0928
-
Medium
« Previous
1
...
18
19
20
21
22
23
24
25
...
117
Next »
