Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Medium Severity Vulnerabilities

Found 8734 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
CVE-2022-36105
CWE-203
Medium
TYPO3 Improper Authentication Vulnerability (CVE-2022-36106)
CVE-2022-36106
CWE-287
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107)
CVE-2022-36107
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36108)
CVE-2022-36108
CWE-707
Medium
Dot CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-37033)
CVE-2022-37033
CWE-918
Medium
Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)
CVE-2022-37034
CWE-674
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37160)
CVE-2022-37160
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37161)
CVE-2022-37161
CWE-707
Medium
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37162)
CVE-2022-37162
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37183)
CVE-2022-37183
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37246)
CVE-2022-37246
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247)
CVE-2022-37247
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37248)
CVE-2022-37248
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37250)
CVE-2022-37250
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37251)
CVE-2022-37251
CWE-707
Medium
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-37392)
CVE-2022-37392
CWE-754
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37421)
CVE-2022-37421
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37431)
CVE-2022-37431
CWE-707
Medium
Apache HTTP Server Interpretation Conflict Vulnerability (CVE-2022-37436)
CVE-2022-37436
CWE-436
Medium
Liferay Portal Missing Authorization Vulnerability (CVE-2022-38512)
CVE-2022-38512
CWE-862
Medium
EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38845)
CVE-2022-38845
CWE-1236
Medium
EspoCRM Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-38846)
CVE-2022-38846
CWE-319
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901)
CVE-2022-38901
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901)
CVE-2022-38901
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38902)
CVE-2022-38902
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38902)
CVE-2022-38902
CWE-707
Medium
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-39193)
CVE-2022-39193
CWE-668
Medium
MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2022-39194)
CVE-2022-39194
CWE-400
Medium
Grafana Improper Authentication Vulnerability (CVE-2022-39229)
CVE-2022-39229
CWE-287
Medium
Grafana CVE-2022-39307 Vulnerability (CVE-2022-39307)
CVE-2022-39307
-
Medium
Twisted Web HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39348)
CVE-2022-39348
CWE-707
Medium
MySQL CVE-2022-39400 Vulnerability (CVE-2022-39400)
CVE-2022-39400
-
Medium
MySQL CVE-2022-39402 Vulnerability (CVE-2022-39402)
CVE-2022-39402
-
Medium
MySQL CVE-2022-39404 Vulnerability (CVE-2022-39404)
CVE-2022-39404
-
Medium
MySQL CVE-2022-39408 Vulnerability (CVE-2022-39408)
CVE-2022-39408
-
Medium
MySQL CVE-2022-39410 Vulnerability (CVE-2022-39410)
CVE-2022-39410
-
Medium
Liferay DXP Missing Authorization Vulnerability (CVE-2022-39975)
CVE-2022-39975
CWE-862
Medium
Liferay Portal Missing Authorization Vulnerability (CVE-2022-39975)
CVE-2022-39975
CWE-862
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3000)
CVE-2022-3000
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3002)
CVE-2022-3002
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3004)
CVE-2022-3004
CWE-707
Medium
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3005)
CVE-2022-3005
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-3361)
CVE-2022-3361
CWE-22
Medium
WordPress Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-3590)
CVE-2022-3590
CWE-367
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3765)
CVE-2022-3765
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3766)
CVE-2022-3766
CWE-707
Medium
Moodle Other Vulnerability (CVE-2022-40208)
CVE-2022-40208
-
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-40316)
CVE-2022-40316
CWE-668
Medium
Apache Traffic Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40743)
CVE-2022-40743
CWE-707
Medium
SharePoint CVE-2022-41060 Vulnerability (CVE-2022-41060)
CVE-2022-41060
-
Medium
SharePoint CVE-2022-41103 Vulnerability (CVE-2022-41103)
CVE-2022-41103
-
Medium
SharePoint CVE-2022-41122 Vulnerability (CVE-2022-41122)
CVE-2022-41122
-
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-41224)
CVE-2022-41224
CWE-707
Medium
Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-41317)
CVE-2022-41317
CWE-668
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-41414)
CVE-2022-41414
CWE-276
Medium
MediaWiki Observable Discrepancy Vulnerability (CVE-2022-41765)
CVE-2022-41765
CWE-203
Medium
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-41766)
CVE-2022-41766
CWE-732
Medium
MediaWiki CVE-2022-41767 Vulnerability (CVE-2022-41767)
CVE-2022-41767
-
Medium
XWiki Missing Authorization Vulnerability (CVE-2022-41929)
CVE-2022-41929
CWE-862
Medium
XWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-41932)
CVE-2022-41932
CWE-770
Medium
XWiki Insufficiently Protected Credentials Vulnerability (CVE-2022-41933)
CVE-2022-41933
CWE-522
Medium
XWiki Other Vulnerability (CVE-2022-41935)
CVE-2022-41935
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42110)
CVE-2022-42110
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42110)
CVE-2022-42110
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42111)
CVE-2022-42111
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42111)
CVE-2022-42111
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42112)
CVE-2022-42112
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42112)
CVE-2022-42112
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42113)
CVE-2022-42113
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42114)
CVE-2022-42114
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42114)
CVE-2022-42114
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42115)
CVE-2022-42115
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42116)
CVE-2022-42116
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42116)
CVE-2022-42116
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42117)
CVE-2022-42117
CWE-707
Medium