Web Application Vulnerabilities Index
This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.
| Vulnerability Name | Severity |
| --- | --- |
| (Deprecated) Version Disclosure (mod_ssl) | Low |
| .DS_Store File Found | Low |
| .dockerignore File Detected | Low |
| ASP.NET ViewStateUserKey Is Not Set | Low |
| AWS Dockerrun Configuration File Detected | Low |
| Apache MultiViews Enabled | Low |
| Apache Multiple Choices Enabled | Low |
| Autocomplete is Enabled | Low |
| Backup File Disclosure | Low |
| Cookie Not Marked as HttpOnly | Low |
| Cookie Not Marked as Secure | Low |
| Cookie Values Used in Anti-CSRF Token | Low |
| Cross-site Request Forgery | Low |
| Cross-site Request Forgery in Login Form | Low |
| Database Error Message Disclosure | Low |
| Database Name Disclosure (Microsoft SQL Server) | Low |
| Database Name Disclosure (MySQL) | Low |
| Django Debug Mode Enabled | Low |
| Docker Cloud Stack File Detected | Low |
| Docker Compose File Detected | Low |
| Dockerfile Detected | Low |
| Exception Report Disclosure (Tomcat) | Low |
| Form Hijacking | Low |
| Information Disclosure (Microsoft Office) | Low |
| Insecure Frame (External) | Low |
| Insecure JSONP Endpoint | Low |
| Insecure Reflected Content | Low |
| Internal IP Address Disclosure | Low |
| Internal Server Error | Low |
| Laravel Debug Mode Enabled | Low |
| Laravel Environment Configuration File Detected | Low |
| Microsoft IIS Log File Detected | Low |
| Microsoft Outlook Personal Folders File (.pst) Found | Low |
| Misconfigured Access-Control-Allow-Origin Header | Low |
| Misconfigured Frame | Low |
| Misconfigured X-Frame-Options Header | Low |
| Missing Content-Type Header | Low |
| Missing X-Content-Type-Options Header | Low |
| Missing X-Frame-Options Header | Low |
| Multiple Declarations in X-Frame-Options Header | Low |
| Open Redirection in POST method | Low |
| Out-of-date Component ({applicationName}) | Low |
| PHP allow_url_fopen Is Enabled | Low |
| PHP allow_url_include Is Enabled | Low |
| PHP display_errors Is Enabled | Low |
| PHP open_basedir Is Not Configured | Low |
| Passive Mixed Content over HTTPS | Low |
| Passive Web Backdoor Detected | Low |
| Phishing by Navigating Browser Tabs | Low |
| Programming Error Message | Low |
| Programming Error Message (Ruby) | Low |
| Prototype Pollution | Low |
| Reflected File Download | Low |
| RoR Database Configuration File Detected | Low |
| RoR Development Mode Enabled | Low |
| Sensitive Pages Could Be Cached | Low |
| Social Security Number Disclosure | Low |
| Stack Trace Disclosure (ASP.NET) | Low |
| Stack Trace Disclosure (Apache MyFaces) | Low |
| Stack Trace Disclosure (Apache Shiro) | Low |
| Stack Trace Disclosure (CakePHP Framework) | Low |
| Stack Trace Disclosure (CherryPy) | Low |
| Stack Trace Disclosure (Grails) | Low |
| Stack Trace Disclosure (GraphQL) | Low |
| Stack Trace Disclosure (Node.js) | Low |
| Stack Trace Disclosure (PHP) | Low |
| Struts2 Development Mode Enabled | Low |
| Subresource Integrity (SRI) Hash Invalid | Low |
| TRACE/TRACK Method Detected | Low |
| Unexpected Redirect Response Body (Two Responses) | Low |
| User Controllable Cookie | Low |
| Username Disclosure (Microsoft SQL Server) | Low |
| Username Disclosure (MySQL) | Low |
| Version Disclosure (ASP.NET MVC) | Low |