Web Application Vulnerabilities Index
This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.
| Vulnerability Name | Classification | Severity |
| --- | --- | --- |
| Travis CI Configuration File Detected | Travis CI Configuration File Detected | Information |
| TwistedWeb HTTP Server Identified | TwistedWeb HTTP Server Identified | Information |
| Typeaheadjs Identified | Typeaheadjs Identified | Information |
| Typo3 Identified | Typo3 Identified | Information |
| UAParser.js Identified | UAParser.js Identified | Information |
| UNC Server and Share Disclosure | UNC Server and Share Disclosure | Information |
| Underscorejs Identified | Underscorejs Identified | Information |
| Undertow Web Server Identified | Undertow Web Server Identified | Information |
| Unexpected Redirect Response Body (Too Large) | Unexpected Redirect Response Body (Too Large) | Information |
| Unexpected Redirect Response Body (Two Responses) | Unexpected Redirect Response Body (Two Responses) | Low |
| Unicode Transformation (Best-Fit Mapping) | Unicode Transformation (Best-Fit Mapping) | Medium |
| Unknown Option Used In Referrer-Policy | Unknown Option Used In Referrer-Policy | Information |
| Unrestricted File Upload | Unrestricted File Upload | High |
| Unsafe CSP (Content Security Policy): Unsafe-eval & Inline | Unsafe CSP (Content Security Policy): Unsafe-eval & Inline | Information |
| Unsafe value for session tracking in WEB-INF/web.xml | Unsafe value for session tracking in WEB-INF/web.xml | Medium |
| Unsupported Hash Detected in Content Security Policy (CSP) | Unsupported Hash Detected in Content Security Policy (CSP) | Information |
| User Controllable Cookie | User Controllable Cookie | Low |
| Username Disclosure (Microsoft SQL Server) | Username Disclosure (Microsoft SQL Server) | Low |
| Username Disclosure (MySQL) | Username Disclosure (MySQL) | Low |
| VMware Aria Operations for Networks Remote Code Execution (CVE-2023-20887) | VMware Aria Operations for Networks Remote Code Execution (CVE-2023-20887) | Critical |
| Vanilla Forums Detected | Vanilla Forums Detected | Information |
| Varnish HTTP Cache Server Identified | Varnish HTTP Cache Server Identified | Information |
| Vegur Identified | Vegur Identified | Information |
| Version Disclosure (ASP.NET MVC) | Version Disclosure (ASP.NET MVC) | Low |
| Version Disclosure (ASP.NET) | Version Disclosure (ASP.NET) | Low |
| Version Disclosure (AbanteCart) | Version Disclosure (AbanteCart) | Low |
| Version Disclosure (Ampache) | Version Disclosure (Ampache) | Low |
| Version Disclosure (Angular) | Version Disclosure (Angular) | Low |
| Version Disclosure (Angularjs) | Version Disclosure (Angularjs) | Low |
| Version Disclosure (Apache Coyote) | Version Disclosure (Apache Coyote) | Low |
| Version Disclosure (Apache Module) | Version Disclosure (Apache Module) | Low |
| Version Disclosure (Apache Traffic Server) | Version Disclosure (Apache Traffic Server) | Low |
| Version Disclosure (Apache) | Version Disclosure (Apache) | Low |
| Version Disclosure (Artifactory DevOps Solution) | Version Disclosure (Artifactory DevOps Solution) | Low |
| Version Disclosure (AspNetSignalR) | Version Disclosure (AspNetSignalR) | Low |
| Version Disclosure (Atlassian Confluence) | Version Disclosure (Atlassian Confluence) | Low |
| Version Disclosure (Atlassian Jira) | Version Disclosure (Atlassian Jira) | Low |
| Version Disclosure (Atlassian Proxy) | Version Disclosure (Atlassian Proxy) | Low |
| Version Disclosure (Atutor) | Version Disclosure (Atutor) | Low |
| Version Disclosure (Axios) | Version Disclosure (Axios) | Low |
| Version Disclosure (Axway SecureTransport Server) | Version Disclosure (Axway SecureTransport Server) | Low |
| Version Disclosure (B2evolution) | Version Disclosure (B2evolution) | Low |
| Version Disclosure (Backbonejs) | Version Disclosure (Backbonejs) | Low |
| Version Disclosure (Bluebird) | Version Disclosure (Bluebird) | Low |
| Version Disclosure (Bootbox) | Version Disclosure (Bootbox) | Low |
| Version Disclosure (Bootstrap3DateTimePicker) | Version Disclosure (Bootstrap3DateTimePicker) | Low |
| Version Disclosure (BootstrapSelect) | Version Disclosure (BootstrapSelect) | Low |
| Version Disclosure (BootstrapTable) | Version Disclosure (BootstrapTable) | Low |
| Version Disclosure (BootstrapToggle) | Version Disclosure (BootstrapToggle) | Low |
| Version Disclosure (BootstrapTypeahead) | Version Disclosure (BootstrapTypeahead) | Low |
| Version Disclosure (Bootstrapjs) | Version Disclosure (Bootstrapjs) | Low |
| Version Disclosure (CakePHP Framework) | Version Disclosure (CakePHP Framework) | Low |
| Version Disclosure (CanvasJS) | Version Disclosure (CanvasJS) | Low |
| Version Disclosure (Chamilo) | Version Disclosure (Chamilo) | Low |
| Version Disclosure (Chartjs) | Version Disclosure (Chartjs) | Low |
| Version Disclosure (Cherokee) | Version Disclosure (Cherokee) | Low |
| Version Disclosure (CherryPy) | Version Disclosure (CherryPy) | Low |
| Version Disclosure (Ckeditor) | Version Disclosure (Ckeditor) | Low |
| Version Disclosure (Claroline) | Version Disclosure (Claroline) | Low |
| Version Disclosure (ClipBucket) | Version Disclosure (ClipBucket) | Low |
| Version Disclosure (Collabtive) | Version Disclosure (Collabtive) | Low |
| Version Disclosure (Concrete5) | Version Disclosure (Concrete5) | Low |
| Version Disclosure (Contao) | Version Disclosure (Contao) | Low |
| Version Disclosure (Coppermine) | Version Disclosure (Coppermine) | Low |
| Version Disclosure (Cowboy HTTP Server) | Version Disclosure (Cowboy HTTP Server) | Low |
| Version Disclosure (CubeCart) | Version Disclosure (CubeCart) | Low |
| Version Disclosure (D3Js) | Version Disclosure (D3Js) | Low |
| Version Disclosure (Daiquiri) | Version Disclosure (Daiquiri) | Low |
| Version Disclosure (DataTables) | Version Disclosure (DataTables) | Low |
| Version Disclosure (Django) | Version Disclosure (Django) | Low |
| Version Disclosure (Dojo) | Version Disclosure (Dojo) | Low |
| Version Disclosure (Dolibarr) | Version Disclosure (Dolibarr) | Low |
| Version Disclosure (Dolphin) | Version Disclosure (Dolphin) | Low |
| Version Disclosure (DomPurify) | Version Disclosure (DomPurify) | Low |