Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1237)
CVE-2017-1237
CWE-707
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1240)
CVE-2017-1240
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)
CVE-2017-1251
CWE-200
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1365)
CVE-2017-1365
CWE-707
Medium
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1474)
CVE-2017-1474
CWE-200
Medium
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1476)
CVE-2017-1476
CWE-200
Medium
IBM WebSEAL Insertion of Sensitive Information into Log File Vulnerability (CVE-2017-1480)
CVE-2017-1480
CWE-532
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1488)
CVE-2017-1488
CWE-200
Medium
IBM WebSEAL URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1489)
CVE-2017-1489
CWE-601
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1507)
CVE-2017-1507
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1509)
CVE-2017-1509
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1524)
CVE-2017-1524
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1559)
CVE-2017-1559
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1570)
CVE-2017-1570
CWE-200
Medium
IBM RTC Files or Directories Accessible to External Parties Vulnerability (CVE-2017-1602)
CVE-2017-1602
CWE-552
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1629)
CVE-2017-1629
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1653)
CVE-2017-1653
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1655)
CVE-2017-1655
CWE-707
Medium
IBM RTC Incorrect Authorization Vulnerability (CVE-2017-1700)
CVE-2017-1700
CWE-863
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1725)
CVE-2017-1725
CWE-200
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1734)
CVE-2017-1734
CWE-200
Medium
IBM RTC Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1753)
CVE-2017-1753
CWE-94
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1762)
CVE-2017-1762
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20033)
CVE-2017-20033
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20034)
CVE-2017-20034
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20035)
CVE-2017-20035
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20036)
CVE-2017-20036
CWE-707
Medium
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2017-20101)
CVE-2017-20101
CWE-639
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2090)
CVE-2017-2090
CWE-22
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2098)
CVE-2017-2098
CWE-22
Medium
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2117)
CVE-2017-2117
CWE-22
Medium
Moodle Improper Input Validation Vulnerability (CVE-2017-2576)
CVE-2017-2576
CWE-20
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2578)
CVE-2017-2578
CWE-707
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)
CVE-2017-2582
CWE-200
Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2595)
CVE-2017-2595
CWE-22
Medium
Jenkins Inadequate Encryption Strength Vulnerability (CVE-2017-2598)
CVE-2017-2598
CWE-326
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2017-2599)
CVE-2017-2599
CWE-863
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2600)
CVE-2017-2600
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2601)
CVE-2017-2601
CWE-707
Medium
Jenkins CVE-2017-2602 Vulnerability (CVE-2017-2602)
CVE-2017-2602
-
Medium
Jenkins Improper Authentication Vulnerability (CVE-2017-2604)
CVE-2017-2604
CWE-287
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2606)
CVE-2017-2606
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2607)
CVE-2017-2607
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2609)
CVE-2017-2609
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2610)
CVE-2017-2610
CWE-707
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2017-2611)
CVE-2017-2611
CWE-863
Medium
Jenkins Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-2612)
CVE-2017-2612
CWE-732
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-2613)
CVE-2017-2613
CWE-352
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2642)
CVE-2017-2642
CWE-200
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2643)
CVE-2017-2643
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2644)
CVE-2017-2644
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2645)
CVE-2017-2645
CWE-707
Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-2666)
CVE-2017-2666
CWE-444
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-3188)
CVE-2017-3188
CWE-22
Medium
MySQL CVE-2017-3238 Vulnerability (CVE-2017-3238)
CVE-2017-3238
-
Medium
MySQL CVE-2017-3243 Vulnerability (CVE-2017-3243)
CVE-2017-3243
-
Medium
MySQL CVE-2017-3244 Vulnerability (CVE-2017-3244)
CVE-2017-3244
-
Medium
GlassFish CVE-2017-3247 Vulnerability (CVE-2017-3247)
CVE-2017-3247
-
Medium
MySQL CVE-2017-3251 Vulnerability (CVE-2017-3251)
CVE-2017-3251
-
Medium
MySQL Improper Input Validation Vulnerability (CVE-2017-3256)
CVE-2017-3256
CWE-20
Medium
MySQL Improper Privilege Management Vulnerability (CVE-2017-3257)
CVE-2017-3257
CWE-269
Medium
MySQL Improper Input Validation Vulnerability (CVE-2017-3258)
CVE-2017-3258
CWE-20
Medium
MySQL CVE-2017-3265 Vulnerability (CVE-2017-3265)
CVE-2017-3265
-
Medium
MySQL Improper Input Validation Vulnerability (CVE-2017-3273)
CVE-2017-3273
CWE-20
Medium
MySQL CVE-2017-3291 Vulnerability (CVE-2017-3291)
CVE-2017-3291
-
Medium
MySQL Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-3305)
CVE-2017-3305
CWE-319
Medium
MySQL CVE-2017-3312 Vulnerability (CVE-2017-3312)
CVE-2017-3312
-
Medium
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3313)
CVE-2017-3313
CWE-200
Medium
MySQL CVE-2017-3317 Vulnerability (CVE-2017-3317)
CVE-2017-3317
-
Medium
MySQL CVE-2017-3318 Vulnerability (CVE-2017-3318)
CVE-2017-3318
-
Medium
MySQL CVE-2017-3331 Vulnerability (CVE-2017-3331)
CVE-2017-3331
-
Medium
MySQL CVE-2017-3452 Vulnerability (CVE-2017-3452)
CVE-2017-3452
-
Medium
MySQL CVE-2017-3453 Vulnerability (CVE-2017-3453)
CVE-2017-3453
-
Medium
MySQL CVE-2017-3454 Vulnerability (CVE-2017-3454)
CVE-2017-3454
-
Medium
MySQL CVE-2017-3455 Vulnerability (CVE-2017-3455)
CVE-2017-3455
-
Medium