Web Vulnerability & Security Check

Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category

Select Vulnerability

Vulnerability Name

Classification

Severity

Rickshaw Identified

Information

RiotJs Identified

Information

ROBOT Attack Detected (Strong Oracle)

High

ROBOT Attack Detected (Weak Oracle)

High

Robots.txt Detected

Information

RoR Database Configuration File Detected

Low

RoR Development Mode Enabled

Low

Roundcube Detected

Information

RSA Private Key Detected

Medium

RubyGems Identified

Information

Ruby on Rails File Content Disclosure (CVE-2019-5418)

High

Ruby on Rails Identified

Information

Rukovoditel Detected

Information

SailsJS Identified

Information

SameSite Cookie Not Implemented

Best Practice

SameSite None Cookie Not Marked as Secure

Best Practice

SAML Consumer Service KeyInfo RetrievalMethod SSRF

Medium

SAML Consumer Service XSS Vulnerability

Medium

SAML Response Signature Exclusion

High

SAML Response Without Signature

High

Scheme URI Detected in Content Security Policy (CSP) Directive

Information

ScrollReveal Identified

Information

Security.txt Detected

Information

Select2 Identified

Information

SemanticUI Identified

Information

Sensitive Data Exposure

Medium

Sensitive Data Exposure - Amazon AWS Access Key Id

Medium

Sensitive Data Exposure - Amazon AWS Secret Key

Medium

Sensitive Data Exposure - Amazon MWS Auth Token

Medium

Sensitive Data Exposure - Amazon SES SMTP Password

Medium

Sensitive Data Exposure - Consul Token

Medium

Sensitive Data Exposure - Database Connection String - MongoDB - MySQL

Medium

Sensitive Data Exposure - Database Connection String - PostgreSQL

Medium

Sensitive Data Exposure - Devise Secret Key

Medium

Sensitive Data Exposure - Facebook Access Token

Medium

Sensitive Data Exposure - Facebook App ID

Medium

Sensitive Data Exposure - Facebook App Secret

Medium

Sensitive Data Exposure - Gitlab Personal Access Token

Medium

Sensitive Data Exposure - Google Cloud API Key

Medium

Sensitive Data Exposure - Google OAuth Access Token

Medium

Sensitive Data Exposure - Heroku API Key

Medium

Sensitive Data Exposure - JDBC Database Connection String

Medium

Sensitive Data Exposure - Jenkins Secret

Medium

Sensitive Data Exposure - LinkedIn API Key

Medium

Sensitive Data Exposure - MailChimp API Key

Medium

Sensitive Data Exposure - MailGun API Key

Medium

Sensitive Data Exposure - Mapbox Token

Medium

Sensitive Data Exposure - Nexmo Secret

Medium

Sensitive Data Exposure - NPM Access Token

Medium

Sensitive Data Exposure - NuGet API Key

Medium

Sensitive Data Exposure - Okta Secret Key

Medium

Sensitive Data Exposure - Omise Secret Key

Medium

Sensitive Data Exposure - Paypal Access Token

Medium

Sensitive Data Exposure - Picatic API key

Medium

Sensitive Data Exposure - SendGrid API Key

Medium

Sensitive Data Exposure - Sentry Auth Token

Medium

Sensitive Data Exposure - Slack Token

Medium

Sensitive Data Exposure - Slack v1.x Token

Medium

Sensitive Data Exposure - Slack Webhook

Medium

Sensitive Data Exposure - SonarQube User Token

Medium

Sensitive Data Exposure - Square OAuth Secret

Medium

Sensitive Data Exposure - Square Personal Access Token

Medium

Sensitive Data Exposure - SSH Key

Medium

Sensitive Data Exposure - Stripe API key

Medium

Sensitive Data Exposure - Symfony Application Secret

Medium

Sensitive Data Exposure - Teams Webhook

Medium

Sensitive Data Exposure - Telegram Bot API Token

Medium

Sensitive Data Exposure - Twilio API Key

Medium

Sensitive Data Exposure - Twitter Access Token Secret

Medium

Sensitive Data Exposure - Twitter API Secret Key

Medium

Sensitive Data Exposure - WordPress Authentication Key/Salt

Medium

Sensitive Pages Could Be Cached

Low

SeoPanel Detected

Information

Serendipity Detected

Information