Web Application Vulnerabilities Index

This page lists vulnerabilities categorized as Information severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Nonce Usage Detected in Content Security Policy (CSP) Directive
Nonce Usage Detected in Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
, 
Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
ISO27001-A.14.2.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
Information
NTLM Authorization Required
NTLM Authorization Required
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
ISO27001-A.9.4.1
, 
Information
NuSOAP Identified
NuSOAP Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Omeka Detected
Omeka Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
OpenCart Detected
OpenCart Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
OpenResty Web Platform Identified
OpenResty Web Platform Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
OpenSearch.xml Detected
OpenSearch.xml Detected
CWE-200
, 
ISO27001-A.18.1.3
, 
Information
OpenSSL Identified
OpenSSL Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
OpenVPN Access Server Identified
OpenVPN Access Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
OPTIONS Method Enabled
OPTIONS Method Enabled
CAPEC-107
, 
CWE-16
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Information
Oracle Application Server Identified
Oracle Application Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Oracle HTTP Server Identified
Oracle HTTP Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
osClass Detected
osClass Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
osCommerce Detected
osCommerce Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
osTicket Detected
osTicket Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Out-of-date (ASP.NET MVC)
Out-of-date (ASP.NET MVC)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-Date (Bootstrap Select)
Out-of-Date (Bootstrap Select)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-Date (Bootstrap Table)
Out-of-Date (Bootstrap Table)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-Date (Bootstrap Typeahead)
Out-of-Date (Bootstrap Typeahead)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (FrontPage)
Out-of-date (FrontPage)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-Date (JQuery placeholder.js)
Out-of-Date (JQuery placeholder.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (Mongrel)
Out-of-date (Mongrel)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (Oracle Application Server)
Out-of-date (Oracle Application Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (Phusion Passenger)
Out-of-date (Phusion Passenger)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (SharePoint)
Out-of-date (SharePoint)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (Taleo Web Server)
Out-of-date (Taleo Web Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date (Varnish)
Out-of-date (Varnish)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (AbanteCart)
Out-of-date Version (AbanteCart)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Ampache)
Out-of-date Version (Ampache)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Angular)
Out-of-date Version (Angular)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (AngularJS)
Out-of-date Version (AngularJS)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Apache)
Out-of-date Version (Apache)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Apache Coyote)
Out-of-date Version (Apache Coyote)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Apache Traffic Server)
Out-of-date Version (Apache Traffic Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Artifactory DevOps Solution)
Out-of-date Version (Artifactory DevOps Solution)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (ASP.NET SignalR)
Out-of-date Version (ASP.NET SignalR)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Atlassian Confluence)
Out-of-date Version (Atlassian Confluence)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Atlassian Jira)
Out-of-date Version (Atlassian Jira)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Atlassian Proxy)
Out-of-date Version (Atlassian Proxy)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (ATutor)
Out-of-date Version (ATutor)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (axios)
Out-of-date Version (axios)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Axway SecureTransport Server)
Out-of-date Version (Axway SecureTransport Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (b2evolution)
Out-of-date Version (b2evolution)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Backbone.js)
Out-of-date Version (Backbone.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (bluebird)
Out-of-date Version (bluebird)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Bootbox.js)
Out-of-date Version (Bootbox.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Bootstrap)
Out-of-date Version (Bootstrap)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Bootstrap 3 Date/Time Picker)
Out-of-date Version (Bootstrap 3 Date/Time Picker)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Bootstrap Toggle)
Out-of-date Version (Bootstrap Toggle)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (CakePHP Framework)
Out-of-date Version (CakePHP Framework)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (CanvasJS)
Out-of-date Version (CanvasJS)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Chamilo)
Out-of-date Version (Chamilo)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Chart.js)
Out-of-date Version (Chart.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Cherokee)
Out-of-date Version (Cherokee)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (CherryPy)
Out-of-date Version (CherryPy)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (CKEditor)
Out-of-date Version (CKEditor)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Claroline)
Out-of-date Version (Claroline)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (ClipBucket)
Out-of-date Version (ClipBucket)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Collabtive)
Out-of-date Version (Collabtive)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Concerte5)
Out-of-date Version (Concerte5)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (contao)
Out-of-date Version (contao)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (cookieconsent2)
Out-of-date Version (cookieconsent2)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Coppermine)
Out-of-date Version (Coppermine)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Cowboy HTTP Server)
Out-of-date Version (Cowboy HTTP Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (CubeCart)
Out-of-date Version (CubeCart)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (D3.js)
Out-of-date Version (D3.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Daiquiri)
Out-of-date Version (Daiquiri)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (DataTables)
Out-of-date Version (DataTables)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Django)
Out-of-date Version (Django)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Dojo)
Out-of-date Version (Dojo)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (DokuWiki)
Out-of-date Version (DokuWiki)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Dolibarr)
Out-of-date Version (Dolibarr)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Dolphin)
Out-of-date Version (Dolphin)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information