Web Vulnerability & Security Check

Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category

Select Vulnerability

Vulnerability Name

Classification

Severity

Internal IP Address Disclosure

Low

Internal Path Disclosure (*nix)

Information

Internal Path Disclosure (Windows)

Information

Internal Server Error

Low

Introjs Identified

Information

Invalid Content Security Policy (CSP) Directive Identified in meta Elements

Information

Invalid SSL Certificate

Medium

IonRangeSlider Identified

Information

Ivanti ICS and IPS Command Injection - CVE-2024-2188

Critical

Ivanti ICS and IPS Command Injection - CVE-2024-21887

Critical

Java Identified

Information

JavaMelody Interface Detected

Medium

JavaScriptCookie Identified

Information

Java Servlet Identified

Information

Java Verb Tampering Via Misconfigured Security Constraint

Medium

JBoss Application Server Identified

Information

JBoss Core Services Identified

Information

JBoss Enterprise Application Platform Identified

Information

JBoss Web Console JMX Invoker

High

Jenkins Identified

Information

JetBrains .idea Project Directory Detected

Medium

Jetty Web Server Identified

Information

Jolokia Identified

Information

Joomla Detected

Information

jPlayer Identified

Information

jQuery Identified

Information

JqueryMask Identified

Information

jQueryMigrate Identified

Information

jQueryMobile Identified

Information

JQuery placeholder.js Identified

Information

jQueryUiAutocomplete Identified

Information

jQueryUiDialog Identified

Information

jQueryUiTooltip Identified

Information

JqueryValidation Identified

Information

Json Web Key Set Disclosure

Information

Information

JsTree Identified

Information

jszip Identified

Information

Information

JWT Forgery via Chaining Jku Parameter with Open Redirect

High

JWT Forgery via Path Traversal

High

JWT Forgery via SQL Injection

High

JWT Forgery via unvalidated jku parameter

High

JWT kid Parameter Out of Band Command Injection

Critical

JWT Signature Bypass via None Algorithm

High

JWT Signature is not Verified

High

Kestrel Detected

Information

Knockoutjs Identified

Information

KnockoutMapping Identified

Information

Kong Identified

Information

Laravel Debug Mode Enabled

Low

Laravel Environment Configuration File Detected

Low

Lazyjs Identified

Information

LDAP Injection (IAST)

Critical

Leaflet Identified

Information

Liferay Digital Experience Platform Detected

Information

Liferay Portal Detected

Information

Lightbox Identified

Information

Lighthouse Identified

Information

Lighttpd Identified

Information

LimeSurvey Detected

Information

ListJs Identified

Information

LiteSpeed Web Server Identified

Information

Local File Inclusion

High

Local File Inclusion (IAST)

High

Lodash Identified

Information

Log File Detected

Information

Login Page Identified

Information

Information

Magento Identified

Information

Mail Header Injection (IAST)

Critical

Mailman Identified

Information

Malware Identified

Critical

MarionetteJs Identified

Information