Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Java Identified
Java Identified
Information
Java Servlet Identified
Java Servlet Identified
Information
Java Verb Tampering Via Misconfigured Security Constraint
Java Verb Tampering Via Misconfigured Security Constraint
Medium
JavaMelody Interface Detected
JavaMelody Interface Detected
Medium
JavaScriptCookie Identified
JavaScriptCookie Identified
Information
Jenkins Identified
Jenkins Identified
Information
JetBrains .idea Project Directory Detected
JetBrains .idea Project Directory Detected
Medium
Jetty Web Server Identified
Jetty Web Server Identified
Information
Jolokia Identified
Jolokia Identified
Information
Joomla Detected
Joomla Detected
Information
JqueryMask Identified
JqueryMask Identified
Information
JqueryValidation Identified
JqueryValidation Identified
Information
JsTree Identified
JsTree Identified
Information
Json Web Key Set Disclosure
Json Web Key Set Disclosure
Information
Kestrel Detected
Kestrel Detected
Information
KnockoutMapping Identified
KnockoutMapping Identified
Information
Knockoutjs Identified
Knockoutjs Identified
Information
Kong Identified
Kong Identified
Information
LDAP Injection (IAST)
LDAP Injection (IAST)
Critical
Laravel Debug Mode Enabled
Laravel Debug Mode Enabled
Low
Laravel Environment Configuration File Detected
Laravel Environment Configuration File Detected
Low
Lazyjs Identified
Lazyjs Identified
Information
Leaflet Identified
Leaflet Identified
Information
Liferay Digital Experience Platform Detected
Liferay Digital Experience Platform Detected
Information
Liferay Portal Detected
Liferay Portal Detected
Information
Lightbox Identified
Lightbox Identified
Information
Lighthouse Identified
Lighthouse Identified
Information
Lighttpd Identified
Lighttpd Identified
Information
LimeSurvey Detected
LimeSurvey Detected
Information
ListJs Identified
ListJs Identified
Information
LiteSpeed Web Server Identified
LiteSpeed Web Server Identified
Information
Local File Inclusion
Local File Inclusion
High
Local File Inclusion (IAST)
Local File Inclusion (IAST)
High
Lodash Identified
Lodash Identified
Information
Log File Detected
Log File Detected
Information
Login Page Identified
Login Page Identified
Information
Lua Identified
Lua Identified
Information
MODX Detected
MODX Detected
Information
MOVEit Identified
MOVEit Identified
Information
Magento Identified
Magento Identified
Information
Mail Header Injection (IAST)
Mail Header Injection (IAST)
Critical
Mailman Identified
Mailman Identified
Information
Malware Identified
Malware Identified
Critical
MarionetteJs Identified
MarionetteJs Identified
Information
Masa CMS Identified
Masa CMS Identified
Information
Mashery Proxy Identified
Mashery Proxy Identified
Information
MathJax Identified
MathJax Identified
Information
MathJs Identified
MathJs Identified
Information
MediaWiki Detected
MediaWiki Detected
Information
Mibew Messenger Detected
Mibew Messenger Detected
Information
Microsoft Access Database File Detected
Microsoft Access Database File Detected
Medium
Microsoft IIS Log File Detected
Microsoft IIS Log File Detected
Low
Microsoft Outlook Personal Folders File (.pst) Found
Microsoft Outlook Personal Folders File (.pst) Found
Low
Mint Detected
Mint Detected
Information
Misconfigured Access-Control-Allow-Origin Header
Misconfigured Access-Control-Allow-Origin Header
Low
Misconfigured Frame
Misconfigured Frame
Low
Misconfigured X-Frame-Options Header
Misconfigured X-Frame-Options Header
Low
Missing Content-Type Header
Missing Content-Type Header
Low
Missing X-Content-Type-Options Header
Missing X-Content-Type-Options Header
Low
Missing X-Frame-Options Header
Missing X-Frame-Options Header
Low
Missing X-XSS-Protection Header
Missing X-XSS-Protection Header
Best Practice
Missing frame-ancestors in CSP Declaration
Missing frame-ancestors in CSP Declaration
Information
Missing object-src in CSP Declaration
Missing object-src in CSP Declaration
Information
Mithril Identified
Mithril Identified
Information
Mod_Ssl Identified
Mod_Ssl Identified
Information
Modernizr Identified
Modernizr Identified
Information
Momentjs Identified
Momentjs Identified
Information
MongoDB Injection (IAST)
MongoDB Injection (IAST)
Critical
MongoDB Operator Injection
MongoDB Operator Injection
High
Mongrel Identified
Mongrel Identified
Information
Moodle Detected
Moodle Detected
Information
Movable Type Detected
Movable Type Detected
Information
Multiple Content Security Policy (CSP) Implementation Detected
Multiple Content Security Policy (CSP) Implementation Detected
Information
Multiple Declarations in X-Frame-Options Header
Multiple Declarations in X-Frame-Options Header
Low