Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5335)
CVE-2015-5335
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5336)
CVE-2015-5336
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5337)
CVE-2015-5337
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5339)
CVE-2015-5339
CWE-200
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5340)
CVE-2015-5340
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5341)
CVE-2015-5341
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5342)
CVE-2015-5342
CWE-264
Medium
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5345)
CVE-2015-5345
CWE-22
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5381)
CVE-2015-5381
CWE-707
Medium
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5382)
CVE-2015-5382
CWE-200
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5397)
CVE-2015-5397
CWE-352
Medium
Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5400)
CVE-2015-5400
CWE-264
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5592)
CVE-2015-5592
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5593)
CVE-2015-5593
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5594)
CVE-2015-5594
CWE-707
Medium
Zenphoto Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5595)
CVE-2015-5595
CWE-352
Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-5608)
CVE-2015-5608
CWE-601
Medium
WordPress Improper Access Control Vulnerability (CVE-2015-5623)
CVE-2015-5623
CWE-284
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5651)
CVE-2015-5651
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5714)
CVE-2015-5714
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5715)
CVE-2015-5715
CWE-264
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)
CVE-2015-5730
CWE-200
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5731)
CVE-2015-5731
CWE-352
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5732)
CVE-2015-5732
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5733)
CVE-2015-5733
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5734)
CVE-2015-5734
CWE-707
Medium
ownCloud Other Vulnerability (CVE-2015-5954)
CVE-2015-5954
-
Medium
Django Resource Management Errors Vulnerability (CVE-2015-5963)
CVE-2015-5963
-
Medium
Django Resource Management Errors Vulnerability (CVE-2015-5964)
CVE-2015-5964
-
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521)
CVE-2015-6521
CWE-707
Medium
Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528)
CVE-2015-6528
-
Medium
datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584)
CVE-2015-6584
-
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6588)
CVE-2015-6588
CWE-707
Medium
Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)
CVE-2015-6607
CWE-264
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6658)
CVE-2015-6658
CWE-707
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6660)
CVE-2015-6660
CWE-352
Medium
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6661)
CVE-2015-6661
CWE-200
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6665)
CVE-2015-6665
CWE-707
Medium
ownCloud Other Vulnerability (CVE-2015-6670)
CVE-2015-6670
-
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6727)
CVE-2015-6727
CWE-200
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6729)
CVE-2015-6729
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6730)
CVE-2015-6730
CWE-707
Medium
MediaWiki Resource Management Errors Vulnerability (CVE-2015-6733)
CVE-2015-6733
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6734)
CVE-2015-6734
CWE-707
Medium
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6830)
CVE-2015-6830
CWE-200
Medium
CubeCart Improper Access Control Vulnerability (CVE-2015-6928)
CVE-2015-6928
CWE-284
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6939)
CVE-2015-6939
CWE-707
Medium
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6943)
CVE-2015-6943
CWE-138
Medium
Serendipity Other Vulnerability (CVE-2015-6968)
CVE-2015-6968
-
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6969)
CVE-2015-6969
CWE-707
Medium
Plone CMS Improper Access Control Vulnerability (CVE-2015-7315)
CVE-2015-7315
CWE-284
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7316)
CVE-2015-7316
CWE-707
Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)
CVE-2015-7317
CWE-264
Medium
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7364)
CVE-2015-7364
CWE-352
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7365)
CVE-2015-7365
CWE-707
Medium
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7366)
CVE-2015-7366
CWE-352
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7370)
CVE-2015-7370
CWE-707
Medium
ReviveAdserver Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7371)
CVE-2015-7371
CWE-264
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7373)
CVE-2015-7373
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7453)
CVE-2015-7453
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7471)
CVE-2015-7471
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7536)
CVE-2015-7536
CWE-707
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565)
CVE-2015-7565
CWE-707
Medium
Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577)
CVE-2015-7577
CWE-284
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711)
CVE-2015-7711
CWE-707
Medium
ATutor Other Vulnerability (CVE-2015-7712)
CVE-2015-7712
-
Medium
PHP Other Vulnerability (CVE-2015-7803)
CVE-2015-7803
-
Medium
PHP Numeric Errors Vulnerability (CVE-2015-7804)
CVE-2015-7804
-
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7859)
CVE-2015-7859
CWE-200
Medium
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2015-7873)
CVE-2015-7873
-
Medium
Joomla Improper Access Control Vulnerability (CVE-2015-7899)
CVE-2015-7899
CWE-284
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
CVE-2015-7943
CWE-601
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7989)
CVE-2015-7989
CWE-707
Medium
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8002)
CVE-2015-8002
-
Medium
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8003)
CVE-2015-8003
-
Medium