Web Application Vulnerabilities Index

This page lists vulnerabilities categorized as Information severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Out-of-date Version (RoR)
Out-of-date Version (RoR)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Roundcube)
Out-of-date Version (Roundcube)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Ruby)
Out-of-date Version (Ruby)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (RubyGems)
Out-of-date Version (RubyGems)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Rukovoditel)
Out-of-date Version (Rukovoditel)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (ScrollReveal)
Out-of-date Version (ScrollReveal)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Select2)
Out-of-date Version (Select2)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Semantic UI)
Out-of-date Version (Semantic UI)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (SeoPanel)
Out-of-date Version (SeoPanel)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Serendipity)
Out-of-date Version (Serendipity)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Silverstripe CMS)
Out-of-date Version (Silverstripe CMS)
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Out-of-date Version (slick)
Out-of-date Version (slick)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Snap.svg)
Out-of-date Version (Snap.svg)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Sortable)
Out-of-date Version (Sortable)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Squid)
Out-of-date Version (Squid)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (SugarCRM)
Out-of-date Version (SugarCRM)
CWE-1035
, 
937
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Out-of-date Version (Swagger UI)
Out-of-date Version (Swagger UI)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (SweetAlert2)
Out-of-date Version (SweetAlert2)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (TCExam)
Out-of-date Version (TCExam)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Telerik Web UI)
Out-of-date Version (Telerik Web UI)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Three.js)
Out-of-date Version (Three.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (TinyMCE)
Out-of-date Version (TinyMCE)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Tomcat)
Out-of-date Version (Tomcat)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Tornado Web Server)
Out-of-date Version (Tornado Web Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Trac Software Project Management Tool)
Out-of-date Version (Trac Software Project Management Tool)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Tracy Debugging Tool)
Out-of-date Version (Tracy Debugging Tool)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (TwistedWeb HTTP Server)
Out-of-date Version (TwistedWeb HTTP Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (typeahead.js)
Out-of-date Version (typeahead.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Typo3)
Out-of-date Version (Typo3)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
WASC-13
, 
Information
Out-of-date Version (UAParser.js)
Out-of-date Version (UAParser.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Underscore.js)
Out-of-date Version (Underscore.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Undertow Web Server)
Out-of-date Version (Undertow Web Server)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Vanilla Forums)
Out-of-date Version (Vanilla Forums)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Video.js)
Out-of-date Version (Video.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Vue.js)
Out-of-date Version (Vue.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (W3 Total Cache)
Out-of-date Version (W3 Total Cache)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (webERP)
Out-of-date Version (webERP)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (WeBid)
Out-of-date Version (WeBid)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (WebLogic)
Out-of-date Version (WebLogic)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Werkzeug Python WSGI Library)
Out-of-date Version (Werkzeug Python WSGI Library)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (WordPress)
Out-of-date Version (WordPress)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (XOOPS)
Out-of-date Version (XOOPS)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (XRegExp)
Out-of-date Version (XRegExp)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (XWiki)
Out-of-date Version (XWiki)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (YetiForce CRM)
Out-of-date Version (YetiForce CRM)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (YOURLS)
Out-of-date Version (YOURLS)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (YUI)
Out-of-date Version (YUI)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Zen Cart)
Out-of-date Version (Zen Cart)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (ZenPhoto)
Out-of-date Version (ZenPhoto)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Zepto.js)
Out-of-date Version (Zepto.js)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Zikula)
Out-of-date Version (Zikula)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
Out-of-date Version (Zope)
Out-of-date Version (Zope)
CAPEC-310
, 
CWE-1035
, 
937
, 
HIPAA-164.308(a)(1)(i)
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A9
, 
OWASP 2017-A9
, 
PCI v3.2-6.2
, 
Information
ownCloud Detected
ownCloud Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Pardot Server Identified
Pardot Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Payara Identified
Payara Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
PdfJs Identified
PdfJs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Pega Identified
Pega Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Perl Identified
Perl Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
pH7CMS Detected
pH7CMS Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Phaser Identified
Phaser Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Php Address Book Detected
Php Address Book Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
phpBB Detected
phpBB Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
PhpFusion Detected
PhpFusion Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
PHP Identified
PHP Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
phpList Detected
phpList Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
phpLiteAdmin Detected
phpLiteAdmin Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
phpMoAdmin Detected
phpMoAdmin Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
phpMyAdmin Detected
phpMyAdmin Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
PhpMyFAQ Detected
PhpMyFAQ Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Phusion Passenger Identified
Phusion Passenger Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Piwigo Detected
Piwigo Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Piwik Detected
Piwik Detected
CAPEC-224
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-45
, 
Information
PixiJs Identified
PixiJs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Play Web Framework Identified
Play Web Framework Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information