Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2853)
CVE-2014-2853
CWE-707
Medium
phpList Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-2916)
CVE-2014-2916
CWE-352
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2963)
CVE-2014-2963
CWE-707
Medium
Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2966)
CVE-2014-2966
CWE-264
Medium
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2983)
CVE-2014-2983
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3092)
CVE-2014-3092
CWE-200
Medium
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3246)
CVE-2014-3246
CWE-138
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3247)
CVE-2014-3247
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3454)
CVE-2014-3454
CWE-352
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3455)
CVE-2014-3455
CWE-352
Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3464)
CVE-2014-3464
CWE-264
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3470)
CVE-2014-3470
-
Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3472)
CVE-2014-3472
CWE-264
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3478)
CVE-2014-3478
CWE-119
Medium
PHP CVE-2014-3479 Vulnerability (CVE-2014-3479)
CVE-2014-3479
-
Medium
PHP Improper Input Validation Vulnerability (CVE-2014-3480)
CVE-2014-3480
CWE-20
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3481)
CVE-2014-3481
CWE-200
Medium
PHP Improper Input Validation Vulnerability (CVE-2014-3487)
CVE-2014-3487
CWE-20
Medium
OpenSSL Other Vulnerability (CVE-2014-3505)
CVE-2014-3505
-
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3506)
CVE-2014-3506
-
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3507)
CVE-2014-3507
-
Medium
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3508)
CVE-2014-3508
CWE-200
Medium
OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-3509)
CVE-2014-3509
CWE-362
Medium
OpenSSL Other Vulnerability (CVE-2014-3510)
CVE-2014-3510
-
Medium
OpenSSL CVE-2014-3511 Vulnerability (CVE-2014-3511)
CVE-2014-3511
-
Medium
Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3518)
CVE-2014-3518
CWE-94
Medium
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-3523)
CVE-2014-3523
-
Medium
PHP Resource Management Errors Vulnerability (CVE-2014-3538)
CVE-2014-3538
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3542)
CVE-2014-3542
CWE-200
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3543)
CVE-2014-3543
CWE-200
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3545)
CVE-2014-3545
CWE-94
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3546)
CVE-2014-3546
CWE-264
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3547)
CVE-2014-3547
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3548)
CVE-2014-3548
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3549)
CVE-2014-3549
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3550)
CVE-2014-3550
CWE-707
Medium
Moodle Improper Authentication Vulnerability (CVE-2014-3552)
CVE-2014-3552
CWE-287
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3553)
CVE-2014-3553
CWE-264
Medium
Nginx Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2014-3556)
CVE-2014-3556
CWE-138
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3568)
CVE-2014-3568
-
Medium
OpenSSL Other Vulnerability (CVE-2014-3569)
CVE-2014-3569
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3570)
CVE-2014-3570
-
Medium
OpenSSL Other Vulnerability (CVE-2014-3571)
CVE-2014-3571
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3572)
CVE-2014-3572
-
Medium
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2014-3581)
CVE-2014-3581
CWE-476
Medium
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3583)
CVE-2014-3583
CWE-119
Medium
PHP Numeric Errors Vulnerability (CVE-2014-3587)
CVE-2014-3587
-
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3597)
CVE-2014-3597
CWE-119
Medium
Squid Improper Input Validation Vulnerability (CVE-2014-3609)
CVE-2014-3609
CWE-20
Medium
Nginx Insufficient Session Expiration Vulnerability (CVE-2014-3616)
CVE-2014-3616
CWE-613
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3617)
CVE-2014-3617
CWE-264
Medium
Jenkins Resource Management Errors Vulnerability (CVE-2014-3661)
CVE-2014-3661
-
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3662)
CVE-2014-3662
CWE-200
Medium
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3663)
CVE-2014-3663
CWE-264
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-3664)
CVE-2014-3664
CWE-22
Medium
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3665)
CVE-2014-3665
CWE-264
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3667)
CVE-2014-3667
CWE-200
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3668)
CVE-2014-3668
CWE-119
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3670)
CVE-2014-3670
CWE-119
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3680)
CVE-2014-3680
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3681)
CVE-2014-3681
CWE-707
Medium
PHP Improper Input Validation Vulnerability (CVE-2014-3710)
CVE-2014-3710
CWE-20
Medium
Django Improper Input Validation Vulnerability (CVE-2014-3730)
CVE-2014-3730
CWE-20
Medium
Dotclear Improper Authentication Vulnerability (CVE-2014-3781)
CVE-2014-3781
CWE-287
Medium
Dotclear Other Vulnerability (CVE-2014-3782)
CVE-2014-3782
-
Medium
Dotclear Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3783)
CVE-2014-3783
CWE-138
Medium
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3810)
CVE-2014-3810
CWE-138
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3826)
CVE-2014-3826
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3827)
CVE-2014-3827
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3832)
CVE-2014-3832
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3833)
CVE-2014-3833
CWE-707
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835)
CVE-2014-3835
CWE-264
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3836)
CVE-2014-3836
CWE-352
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3837)
CVE-2014-3837
CWE-264
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3838)
CVE-2014-3838
CWE-264
Medium