Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2358)
CVE-2012-2358
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2359)
CVE-2012-2359
CWE-264
Medium
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2363)
CVE-2012-2363
CWE-138
Medium
Moodle Other Vulnerability (CVE-2012-2366)
CVE-2012-2366
-
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2367)
CVE-2012-2367
CWE-264
Medium
Tornado Improper Input Validation Vulnerability (CVE-2012-2374)
CVE-2012-2374
CWE-20
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-2397)
CVE-2012-2397
CWE-352
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2398)
CVE-2012-2398
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2401)
CVE-2012-2401
CWE-264
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2402)
CVE-2012-2402
CWE-264
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2403)
CVE-2012-2403
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2404)
CVE-2012-2404
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2413)
CVE-2012-2413
CWE-707
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2517)
CVE-2012-2517
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2641)
CVE-2012-2641
CWE-707
Medium
PostgreSQL Resource Management Errors Vulnerability (CVE-2012-2655)
CVE-2012-2655
-
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)
CVE-2012-2660
CWE-264
Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)
CVE-2012-2661
CWE-138
Medium
Collabtive Improper Input Validation Vulnerability (CVE-2012-2670)
CVE-2012-2670
CWE-20
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2012-2686)
CVE-2012-2686
-
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)
CVE-2012-2694
CWE-264
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2698)
CVE-2012-2698
CWE-707
Medium
Apache Tomcat Improper Input Validation Vulnerability (CVE-2012-2733)
CVE-2012-2733
CWE-20
Medium
Oracle JRE Cryptographic Issues Vulnerability (CVE-2012-2739)
CVE-2012-2739
-
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2741)
CVE-2012-2741
CWE-707
Medium
Joomla CVE-2012-2748 Vulnerability (CVE-2012-2748)
CVE-2012-2748
-
Medium
MySQL Resource Management Errors Vulnerability (CVE-2012-2749)
CVE-2012-2749
-
Medium
Oracle HTTP Server Other Vulnerability (CVE-2012-2751)
CVE-2012-2751
-
Medium
PHP Address Book Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2903)
CVE-2012-2903
CWE-707
Medium
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2922)
CVE-2012-2922
CWE-200
Medium
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
CVE-2012-2928
CWE-264
Medium
Atlassian Confluence Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
CVE-2012-2928
CWE-264
Medium
Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2968)
CVE-2012-2968
CWE-22
Medium
Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2969)
CVE-2012-2969
CWE-264
Medium
Oracle Database Server Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-3132)
CVE-2012-3132
CWE-138
Medium
Oracle Database Server CVE-2012-3134 Vulnerability (CVE-2012-3134)
CVE-2012-3134
-
Medium
Oracle Database Server Improper Authentication Vulnerability (CVE-2012-3137)
CVE-2012-3137
CWE-287
Medium
MySQL CVE-2012-3144 Vulnerability (CVE-2012-3144)
CVE-2012-3144
-
Medium
MySQL CVE-2012-3147 Vulnerability (CVE-2012-3147)
CVE-2012-3147
-
Medium
MySQL CVE-2012-3150 Vulnerability (CVE-2012-3150)
CVE-2012-3150
-
Medium
GlassFish CVE-2012-3155 Vulnerability (CVE-2012-3155)
CVE-2012-3155
-
Medium
MySQL CVE-2012-3166 Vulnerability (CVE-2012-3166)
CVE-2012-3166
-
Medium
MySQL CVE-2012-3173 Vulnerability (CVE-2012-3173)
CVE-2012-3173
-
Medium
MySQL CVE-2012-3177 Vulnerability (CVE-2012-3177)
CVE-2012-3177
-
Medium
MySQL CVE-2012-3180 Vulnerability (CVE-2012-3180)
CVE-2012-3180
-
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3365)
CVE-2012-3365
CWE-264
Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3369)
CVE-2012-3369
CWE-264
Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3370)
CVE-2012-3370
CWE-264
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-3384)
CVE-2012-3384
CWE-352
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3385)
CVE-2012-3385
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3387)
CVE-2012-3387
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3388)
CVE-2012-3388
CWE-264
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3389)
CVE-2012-3389
CWE-707
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3391)
CVE-2012-3391
CWE-264
Medium
Moodle Configuration Vulnerability (CVE-2012-3392)
CVE-2012-3392
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3394)
CVE-2012-3394
CWE-200
Medium
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-3395)
CVE-2012-3395
CWE-138
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3397)
CVE-2012-3397
CWE-264
Medium
Moodle Other Vulnerability (CVE-2012-3398)
CVE-2012-3398
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3414)
CVE-2012-3414
CWE-707
Medium
Ruby on Rails Improper Authentication Vulnerability (CVE-2012-3424)
CVE-2012-3424
CWE-287
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3442)
CVE-2012-3442
CWE-707
Medium
Django Improper Input Validation Vulnerability (CVE-2012-3443)
CVE-2012-3443
CWE-20
Medium
Django Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-3444)
CVE-2012-3444
CWE-119
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3463)
CVE-2012-3463
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3464)
CVE-2012-3464
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3465)
CVE-2012-3465
CWE-707
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3488)
CVE-2012-3488
CWE-264
Medium
PostgreSQL Improper Input Validation Vulnerability (CVE-2012-3489)
CVE-2012-3489
CWE-20
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3499)
CVE-2012-3499
CWE-707
Medium
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3502)
CVE-2012-3502
CWE-200
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3508)
CVE-2012-3508
CWE-707
Medium
TYPO3 Cryptographic Issues Vulnerability (CVE-2012-3527)
CVE-2012-3527
-
Medium
TYPO3 Other Vulnerability (CVE-2012-3530)
CVE-2012-3530
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3531)
CVE-2012-3531
CWE-707
Medium