Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Medium Severity Vulnerabilities

Found 8102 vulnerabilities at Medium severity.

Vulnerability Name
CVE
CWE
Severity
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44952)
CVE-2022-44952
CWE-707
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-45149)
CVE-2022-45149
CWE-352
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45150)
CVE-2022-45150
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45151)
CVE-2022-45151
CWE-707
Medium
Liferay DXP CVE-2022-45320 Vulnerability (CVE-2022-45320)
CVE-2022-45320
-
Medium
Liferay Portal CVE-2022-45320 Vulnerability (CVE-2022-45320)
CVE-2022-45320
-
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45783)
CVE-2022-45783
CWE-22
Medium
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-46158)
CVE-2022-46158
CWE-200
Medium
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-47927)
CVE-2022-47927
CWE-732
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48007)
CVE-2022-48007
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48010)
CVE-2022-48010
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48110)
CVE-2022-48110
CWE-707
Medium
Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-48564)
CVE-2022-48564
CWE-400
Medium
OpenSSL Out-of-bounds Read Vulnerability (CVE-2022-4203)
CVE-2022-4203
CWE-125
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4271)
CVE-2022-4271
CWE-707
Medium
OpenSSL Observable Discrepancy Vulnerability (CVE-2022-4304)
CVE-2022-4304
CWE-203
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4407)
CVE-2022-4407
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4408)
CVE-2022-4408
CWE-707
Medium
PHP Out-of-bounds Write Vulnerability (CVE-2022-4900)
CVE-2022-4900
CWE-787
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4973)
CVE-2022-4973
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0306)
CVE-2023-0306
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0308)
CVE-2023-0308
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0309)
CVE-2023-0309
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0310)
CVE-2023-0310
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0312)
CVE-2023-0312
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0313)
CVE-2023-0313
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0314)
CVE-2023-0314
CWE-707
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0465)
CVE-2023-0465
CWE-295
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0466)
CVE-2023-0466
CWE-295
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0507)
CVE-2023-0507
CWE-707
Medium
PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567)
CVE-2023-0567
CWE-916
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0594)
CVE-2023-0594
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606)
CVE-2023-0606
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0607)
CVE-2023-0607
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0786)
CVE-2023-0786
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0787)
CVE-2023-0787
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0791)
CVE-2023-0791
CWE-707
Medium
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0792)
CVE-2023-0792
CWE-94
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0794)
CVE-2023-0794
CWE-707
Medium
phpMyFAQ Misinterpretation of Input Vulnerability (CVE-2023-0880)
CVE-2023-0880
CWE-115
Medium
OpenSSL Out-of-bounds Read Vulnerability (CVE-2023-1255)
CVE-2023-1255
CWE-125
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1315)
CVE-2023-1315
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1316)
CVE-2023-1316
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1317)
CVE-2023-1317
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1318)
CVE-2023-1318
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1319)
CVE-2023-1319
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1320)
CVE-2023-1320
CWE-707
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-1402)
CVE-2023-1402
CWE-668
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1410)
CVE-2023-1410
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1754)
CVE-2023-1754
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1755)
CVE-2023-1755
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1756)
CVE-2023-1756
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1757)
CVE-2023-1757
CWE-707
Medium
phpMyFAQ Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) Vulnerability (CVE-2023-1758)
CVE-2023-1758
CWE-75
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1759)
CVE-2023-1759
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1760)
CVE-2023-1760
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1761)
CVE-2023-1761
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1875)
CVE-2023-1875
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1878)
CVE-2023-1878
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1879)
CVE-2023-1879
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1880)
CVE-2023-1880
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1882)
CVE-2023-1882
CWE-707
Medium
phpMyFAQ Improper Access Control Vulnerability (CVE-2023-1883)
CVE-2023-1883
CWE-284
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1884)
CVE-2023-1884
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1885)
CVE-2023-1885
CWE-707
Medium
phpMyFAQ Business Logic Errors Vulnerability (CVE-2023-1887)
CVE-2023-1887
-
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1932)
CVE-2023-1932
CWE-707
Medium
SharePoint CVE-2023-21743 Vulnerability (CVE-2023-21743)
CVE-2023-21743
-
Medium
Oracle JRE CVE-2023-21830 Vulnerability (CVE-2023-21830)
CVE-2023-21830
-
Medium
Oracle JRE CVE-2023-21835 Vulnerability (CVE-2023-21835)
CVE-2023-21835
-
Medium
MySQL CVE-2023-21875 Vulnerability (CVE-2023-21875)
CVE-2023-21875
-
Medium
MySQL CVE-2023-21876 Vulnerability (CVE-2023-21876)
CVE-2023-21876
-
Medium
MySQL CVE-2023-21877 Vulnerability (CVE-2023-21877)
CVE-2023-21877
-
Medium
MySQL CVE-2023-21878 Vulnerability (CVE-2023-21878)
CVE-2023-21878
-
Medium
MySQL CVE-2023-21879 Vulnerability (CVE-2023-21879)
CVE-2023-21879
-
Medium