Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Local File Inclusion (IAST)
Local File Inclusion (IAST)
High
Lodash Identified
Lodash Identified
Information
Lodash Identified
Lodash Identified
Information
Log File Detected
Log File Detected
Information
Login Page Identified
Login Page Identified
Information
Lua Identified
Lua Identified
Information
Lua Identified
Lua Identified
Information
MODX Detected
MODX Detected
Information
MOVEit Identified
MOVEit Identified
Information
MOVEit Identified
MOVEit Identified
Information
Magento Identified
Magento Identified
Information
Mail Header Injection (IAST)
Mail Header Injection (IAST)
Critical
Mailman Identified
Mailman Identified
Information
Mailman Identified
Mailman Identified
Information
Malware Identified
Malware Identified
Critical
MarionetteJs Identified
MarionetteJs Identified
Information
MarionetteJs Identified
MarionetteJs Identified
Information
Masa CMS Identified
Masa CMS Identified
Information
Masa CMS Identified
Masa CMS Identified
Information
Mashery Proxy Identified
Mashery Proxy Identified
Information
MathJax Identified
MathJax Identified
Information
MathJax Identified
MathJax Identified
Information
MathJs Identified
MathJs Identified
Information
MathJs Identified
MathJs Identified
Information
MediaWiki Detected
MediaWiki Detected
Information
Mibew Messenger Detected
Mibew Messenger Detected
Information
Microsoft Access Database File Detected
Microsoft Access Database File Detected
Medium
Microsoft IIS Log File Detected
Microsoft IIS Log File Detected
Low
Microsoft Outlook Personal Folders File (.pst) Found
Microsoft Outlook Personal Folders File (.pst) Found
Low
Mint Detected
Mint Detected
Information
Misconfigured Access-Control-Allow-Origin Header
Misconfigured Access-Control-Allow-Origin Header
Low
Misconfigured Frame
Misconfigured Frame
Low
Misconfigured X-Frame-Options Header
Misconfigured X-Frame-Options Header
Low
Misconfigured X-Frame-Options Header
Misconfigured X-Frame-Options Header
Low
Missing Content-Type Header
Missing Content-Type Header
Low
Missing X-Content-Type-Options Header
Missing X-Content-Type-Options Header
Low
Missing X-Content-Type-Options Header
Missing X-Content-Type-Options Header
Low
Missing X-Frame-Options Header
Missing X-Frame-Options Header
Low
Missing X-Frame-Options Header
Missing X-Frame-Options Header
Low
Missing X-XSS-Protection Header
Missing X-XSS-Protection Header
Best Practice
Missing X-XSS-Protection Header
Missing X-XSS-Protection Header
Best Practice
Missing frame-ancestors in CSP Declaration
Missing frame-ancestors in CSP Declaration
Information
Missing frame-ancestors in CSP Declaration
Missing frame-ancestors in CSP Declaration
Information
Missing object-src in CSP Declaration
Missing object-src in CSP Declaration
Information
Mithril Identified
Mithril Identified
Information
Mithril Identified
Mithril Identified
Information
Mod_Ssl Identified
Mod_Ssl Identified
Information
Modernizr Identified
Modernizr Identified
Information
Modernizr Identified
Modernizr Identified
Information
Momentjs Identified
Momentjs Identified
Information
Momentjs Identified
Momentjs Identified
Information
MongoDB Injection (IAST)
MongoDB Injection (IAST)
Critical
MongoDB Operator Injection
MongoDB Operator Injection
High
MongoDB Operator Injection
MongoDB Operator Injection
High
Mongrel Identified
Mongrel Identified
Information
Moodle Detected
Moodle Detected
Information
Movable Type Detected
Movable Type Detected
Information
Movable Type Detected
Movable Type Detected
Information
Multiple Content Security Policy (CSP) Implementation Detected
Multiple Content Security Policy (CSP) Implementation Detected
Information
Multiple Declarations in X-Frame-Options Header
Multiple Declarations in X-Frame-Options Header
Low
Multiple Declarations in X-Frame-Options Header
Multiple Declarations in X-Frame-Options Header
Low
Mustachejs Identified
Mustachejs Identified
Information
Mustachejs Identified
Mustachejs Identified
Information
MyBB Detected
MyBB Detected
Information
NTLM Authorization Required
NTLM Authorization Required
Information
Next.js React Framework Identified
Next.js React Framework Identified
Information
Nexus Repository OSS Identified
Nexus Repository OSS Identified
Information
Nginx Web Server Identified
Nginx Web Server Identified
Information
No SAML Response Signature Check
No SAML Response Signature Check
High
No SAML Response Signature Check
No SAML Response Signature Check
High
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
Information
Node.js Web Application does not handle uncaughtException
Node.js Web Application does not handle uncaughtException
Medium
Node.js Web Application does not handle unhandledRejection
Node.js Web Application does not handle unhandledRejection
Medium
Nonce Usage Detected in Content Security Policy (CSP) Directive
Nonce Usage Detected in Content Security Policy (CSP) Directive
Information