Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Directory Listing (ASP.NET Server)
Directory Listing (ASP.NET Server)
Information
Directory Listing (Apache)
Directory Listing (Apache)
Information
Directory Listing (IIS)
Directory Listing (IIS)
Information
Directory Listing (Lighttpd)
Directory Listing (Lighttpd)
Information
Directory Listing (LiteSpeed)
Directory Listing (LiteSpeed)
Information
Directory Listing (Nginx)
Directory Listing (Nginx)
Information
Directory Listing (Tomcat)
Directory Listing (Tomcat)
Information
Directory Listing (WebDAV)
Directory Listing (WebDAV)
Information
Disabled X-XSS-Protection Header
Disabled X-XSS-Protection Header
Information
Django Debug Mode Enabled
Django Debug Mode Enabled
Low
Django Identified
Django Identified
Information
Docker Cloud Stack File Detected
Docker Cloud Stack File Detected
Low
Docker Compose File Detected
Docker Compose File Detected
Low
Dockerfile Detected
Dockerfile Detected
Low
Dojo Identified
Dojo Identified
Information
DokuWiki Detected
DokuWiki Detected
Information
Dolibarr Detected
Dolibarr Detected
Information
Dolphin Detected
Dolphin Detected
Information
DomPurify Identified
DomPurify Identified
Information
DotClear Detected
DotClear Detected
Information
Drupal Core - Remote Code Execution (CVE-2019-6340)
Drupal Core - Remote Code Execution (CVE-2019-6340)
Critical
Drupal Detected
Drupal Detected
Information
Dwr Identified
Dwr Identified
Information
EZProxy Identified
EZProxy Identified
Information
EasyXdm Identified
EasyXdm Identified
Information
EfJs Identified
EfJs Identified
Information
Elgg Detected
Elgg Detected
Information
Elmah.axd / Errorlog.axd Detected
Elmah.axd / Errorlog.axd Detected
High
Email Address Disclosure
Email Address Disclosure
Information
Ember Identified
Ember Identified
Information
Error-Based MongoDB Injection
Error-Based MongoDB Injection
High
EspoCRM Detected
EspoCRM Detected
Information
Exception Report Disclosure (Tomcat)
Exception Report Disclosure (Tomcat)
Low
Expect-CT Header via HTTP
Expect-CT Header via HTTP
Information
Expect-CT Not Enabled
Expect-CT Not Enabled
Best Practice
Expect-CT Security Header Errors and Warnings
Expect-CT Security Header Errors and Warnings
Information
Expect-CT in Report Only Mode
Expect-CT in Report Only Mode
Information
Expired SSL Certificate
Expired SSL Certificate
Medium
Express Development Mode Is Enabled
Express Development Mode Is Enabled
Medium
Express express-session Weak Secret Key Detected
Express express-session Weak Secret Key Detected
Medium
ExpressJS Identified
ExpressJS Identified
Information
Expression Language Injection
Expression Language Injection
High
ExtJs Identified
ExtJs Identified
Information
F5 Big-IP Local File Inclusion (CVE-2020-5902)
F5 Big-IP Local File Inclusion (CVE-2020-5902)
High
FabricJs Identified
FabricJs Identified
Information
Family Connections Detected
Family Connections Detected
Information
FancyBox Identified
FancyBox Identified
Information
File Upload Functionality Detected
File Upload Functionality Detected
Information
Fingerprintjs2 Identified
Fingerprintjs2 Identified
Information
Flickity Identified
Flickity Identified
Information
FluxBB Detected
FluxBB Detected
Information
Footablejs Identified
Footablejs Identified
Information
Forbidden Resource
Forbidden Resource
Information
Form Hijacking
Form Hijacking
Low
Form Tools Detected
Form Tools Detected
Information
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
High
Foundation Identified
Foundation Identified
Information
Frame Injection
Frame Injection
Medium
Front Accounting Detected
Front Accounting Detected
Information
FrontPage Identified
FrontPage Identified
Information
FuelUx Identified
FuelUx Identified
Information
GIT Detected
GIT Detected
Medium
Generic Email Address Disclosure
Generic Email Address Disclosure
Information
GeoServer Identified
GeoServer Identified
Information
GibbonEdu Detected
GibbonEdu Detected
Information
GlassFish Server Identified
GlassFish Server Identified
Information
Google Tag Manager Identified
Google Tag Manager Identified
Information
Grafana Identified
Grafana Identified
Information
GraphQL Endpoint Detected
GraphQL Endpoint Detected
Information
GraphQL Library Detected (Apollo)
GraphQL Library Detected (Apollo)
Information
GraphQL Library Detected (Ariadne)
GraphQL Library Detected (Ariadne)
Information
GraphQL Library Detected (Dgraph)
GraphQL Library Detected (Dgraph)
Information
GraphQL Library Detected (Diana.jl)
GraphQL Library Detected (Diana.jl)
Information
GraphQL Library Detected (Directus)
GraphQL Library Detected (Directus)
Information