Web Vulnerability & Security Check

Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category

Select Vulnerability

Vulnerability Name

Classification

Severity

Private Burp Collaborator Server Identified

Information

Private Json Web Key Set Disclosure

Critical

Programming Error Message

Low

Programming Error Message (Ruby)

Low

Progress MOVEit Transfer SQL Injection

High

ProjectSend Detected

Information

Prototype Pollution

Low

Prototypejs Identified

Information

Python Identified

Information

Python WSGIserver Identified

Information

Question2Answer Detected

Information

ROBOT Attack Detected (Strong Oracle)

High

ROBOT Attack Detected (Weak Oracle)

High

RSA Private Key Detected

Medium

Ramda Identified

Information

React Identified

Information

Readme/Help File Detected

Information

Referrer-Policy Needs Proper Fallback

Information

Referrer-Policy Not Implemented

Best Practice

Reflected File Download

Low

RegreSSHion Attack (CVE-2024-6387)

Critical

Remote Code Execution (Spring4Shell)

Critical

Remote Code Execution and DoS in HTTP.sys (IIS)

Critical

Remote File Inclusion

Critical

RequireJs Identified

Information

Resin Application Server Identified

Information

Respondjs Identified

Information

Restlet Framework Identified

Information

Retired Hash Function in SAML Response

Information

RevealJs Identified

Information

Reverse Proxy Detected (Apache Traffic Server)

Information

Reverse Proxy Detected (Citrix Netscaler)

Information

Reverse Proxy Detected (Envoy)

Information

Reverse Proxy Detected (F5 BIG-IP)

Information

Reverse Proxy Detected (HAProxy)

Information

Reverse Proxy Detected (Skipper)

Information

Revive Adserver Detected

Information

Revoked SSL Certificate

Medium

Rickshaw Identified

Information

RiotJs Identified

Information

RoR Database Configuration File Detected

Low

RoR Development Mode Enabled

Low

Robots.txt Detected

Information

Roundcube Detected

Information

Ruby on Rails File Content Disclosure (CVE-2019-5418)

High

Ruby on Rails Identified

Information

RubyGems Identified

Information

Rukovoditel Detected

Information

SAML Consumer Service KeyInfo RetrievalMethod SSRF

Medium

SAML Consumer Service XSS Vulnerability

Medium

SAML Response Signature Exclusion

High

SAML Response Without Signature

High

SQL File Detected

Information

Critical

SQL Injection (IAST)

Critical

SQLite Database File Found

Medium

SSL Certificate Is About To Expire

Medium

SSL Certificate Name Hostname Mismatch

Medium

SSL Untrusted Root Certificate

Medium

SSL/TLS Not Implemented

Medium

High

SailsJS Identified

Information

SameSite Cookie Not Implemented

Best Practice

SameSite None Cookie Not Marked as Secure

Best Practice

Scheme URI Detected in Content Security Policy (CSP) Directive

Information

ScrollReveal Identified

Information

Security.txt Detected

Information

Select2 Identified

Information

SemanticUI Identified

Information

Sensitive Data Exposure

Medium

Sensitive Data Exposure - Amazon AWS Access Key Id

Medium

Sensitive Data Exposure - Amazon AWS Secret Key

Medium

Sensitive Data Exposure - Amazon MWS Auth Token

Medium

Sensitive Data Exposure - Amazon SES SMTP Password

Medium