Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Default Page Detected (IIS 10.0)
Default Page Detected (IIS 10.0)
Information
Default Page Detected (IIS 6)
Default Page Detected (IIS 6)
Information
Default Page Detected (IIS 7)
Default Page Detected (IIS 7)
Information
Default Page Detected (IIS 7.5)
Default Page Detected (IIS 7.5)
Information
Default Page Detected (IIS 7.X)
Default Page Detected (IIS 7.X)
Information
Default Page Detected (IIS 8)
Default Page Detected (IIS 8)
Information
Default Page Detected (IIS 8.5)
Default Page Detected (IIS 8.5)
Information
Default Page Detected (Tomcat)
Default Page Detected (Tomcat)
Information
default-src Used in Content Security Policy (CSP)
default-src Used in Content Security Policy (CSP)
Information
Denial of Service (MySQL)
Denial of Service (MySQL)
Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP)
Deprecated Header Instruction Used to Implement Content Security Policy (CSP)
Information
Digest Authorization Required
Digest Authorization Required
Information
Directory Listing (Apache)
Directory Listing (Apache)
Information
Directory Listing (ASP.NET Server)
Directory Listing (ASP.NET Server)
Information
Directory Listing (IIS)
Directory Listing (IIS)
Information
Directory Listing (Lighttpd)
Directory Listing (Lighttpd)
Information
Directory Listing (LiteSpeed)
Directory Listing (LiteSpeed)
Information
Directory Listing (Nginx)
Directory Listing (Nginx)
Information
Directory Listing (Tomcat)
Directory Listing (Tomcat)
Information
Directory Listing (WebDAV)
Directory Listing (WebDAV)
Information
Django Debug Mode Enabled
Django Debug Mode Enabled
Low
Django Identified
Django Identified
Information
Docker Cloud Stack File Detected
Docker Cloud Stack File Detected
Low
Docker Compose File Detected
Docker Compose File Detected
Low
Dockerfile Detected
Dockerfile Detected
Low
.dockerignore File Detected
.dockerignore File Detected
Low
Dojo Identified
Dojo Identified
Information
DokuWiki Detected
DokuWiki Detected
Information
Dolibarr Detected
Dolibarr Detected
Information
Dolphin Detected
Dolphin Detected
Information
DomPurify Identified
DomPurify Identified
Information
DotClear Detected
DotClear Detected
Information
dotCMS Identified
dotCMS Identified
Information
Drupal Core - Remote Code Execution (CVE-2019-6340)
Drupal Core - Remote Code Execution (CVE-2019-6340)
Critical
Drupal Detected
Drupal Detected
Information
.DS_Store File Found
.DS_Store File Found
Low
Dwr Identified
Dwr Identified
Information
e107 Detected
e107 Detected
Information
EasyXdm Identified
EasyXdm Identified
Information
EfJs Identified
EfJs Identified
Information
Elgg Detected
Elgg Detected
Information
Elmah.axd / Errorlog.axd Detected
Elmah.axd / Errorlog.axd Detected
High
Email Address Disclosure
Email Address Disclosure
Information
Ember Identified
Ember Identified
Information
Error-Based MongoDB Injection
Error-Based MongoDB Injection
High
EspoCRM Detected
EspoCRM Detected
Information
Exception Report Disclosure (Tomcat)
Exception Report Disclosure (Tomcat)
Low
Expired SSL Certificate
Expired SSL Certificate
Medium
Express Development Mode Is Enabled
Express Development Mode Is Enabled
Medium
Express express-session Weak Secret Key Detected
Express express-session Weak Secret Key Detected
Medium
Expression Language Injection
Expression Language Injection
High
ExpressJS Identified
ExpressJS Identified
Information
ExtJs Identified
ExtJs Identified
Information
EZProxy Identified
EZProxy Identified
Information
F5 Big-IP Local File Inclusion (CVE-2020-5902)
F5 Big-IP Local File Inclusion (CVE-2020-5902)
High
FabricJs Identified
FabricJs Identified
Information
Family Connections Detected
Family Connections Detected
Information
FancyBox Identified
FancyBox Identified
Information
File Upload Functionality Detected
File Upload Functionality Detected
Information
Fingerprintjs2 Identified
Fingerprintjs2 Identified
Information
Flickity Identified
Flickity Identified
Information
FluxBB Detected
FluxBB Detected
Information
Footablejs Identified
Footablejs Identified
Information
Forbidden Resource
Forbidden Resource
Information
Form Hijacking
Form Hijacking
Low
Form Tools Detected
Form Tools Detected
Information
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
High
Foundation Identified
Foundation Identified
Information
Frame Injection
Frame Injection
Medium
Front Accounting Detected
Front Accounting Detected
Information
FrontPage Identified
FrontPage Identified
Information
FuelUx Identified
FuelUx Identified
Information
Generic Email Address Disclosure
Generic Email Address Disclosure
Information
GeoServer Identified
GeoServer Identified
Information