Low Severity Vulnerabilities
Found 857 vulnerabilities at Low severity.

| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| ColdFusion administrator login page publicly available | - | CWE-200 | Low |
| FrontPage Identified | - | CWE-16 | Low |
| Internet Information Server returns IP address in HTTP header (Content-Location) | - | CWE-200 | Low |
| Possible sensitive directories | - | CWE-200 | Low |
| Possible sensitive files | - | CWE-200 | Low |
| TRACE Method enabled | - | CWE-489 | Low |
| Cross site scripting (requiring unencoded quote) | - | CWE-79 | Low |
| ASP.NET path disclosure | - | CWE-200 | Low |
| ColdFusion path disclosures | - | CWE-200 | Low |
| TRACK Method enabled | - | CWE-489 | Low |
| Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1 | CVE-2006-3918 | CWE-79 | Low |
| ASP.NET debugging enabled | - | CWE-11 | Low |
| Programming Error Messages | - | CWE-209 | Low |
| Version Disclosure (ASP.NET MVC) | - | CWE-200 | Low |
| Version Disclosure (ASP.NET) | - | CWE-200 | Low |
| Apache Axis2 web services enumeration | - | CWE-200 | Low |
| Apache Tomcat hello.jsp XSS | CVE-2007-1355 | CWE-79 | Low |
| ASP.NET ViewStateUserKey Is Not Set | - | CWE-642 | Low |
| PHP allow_url_fopen Is Enabled | - | CWE-829 | Low |
| PHP allow_url_include enabled | - | CWE-829 | Low |
| PHP open_basedir is not set | - | CWE-664 | Low |
| Possible CSRF (Cross-site request forgery) | - | CWE-352 | Low |
| Missing Content-Type Header | - | CWE-16 | Low |
| Cookies Not Marked as HttpOnly | - | CWE-1004 | Low |
| Cookies Not Marked as Secure | - | CWE-614 | Low |
| Insecure transition from HTTPS to HTTP in form post | - | CWE-200 | Low |
| Possible SQL Statement in comment | - | CWE-200 | Low |
| Sensitive pages could be cached | - | CWE-200 | Low |
| Session cookies scoped to parent domain | - | CWE-284 | Low |
| Session ID in URL | - | CWE-200 | Low |
| ViewsState is not Encrypted | - | CWE-200 | Low |
| Microsoft IIS tilde directory enumeration | - | CWE-20 | Low |
| Microsoft IIS Server service.cnf file found | - | CWE-538 | Low |
| JBoss web service console | - | CWE-200 | Low |
| Version Disclosure (IIS) | - | CWE-200 | Low |
| MySQL username disclosure | - | CWE-538 | Low |
| Ruby on Rails CookieStore session cookie persistence | - | CWE-284 | Low |
| Snoop Servlet information disclosure | - | CWE-200 | Low |
| WordPress admin accessible without HTTP authentication | - | CWE-16 | Low |
| WordPress default administrator account | - | CWE-16 | Low |
| PHP allow_url_include Is Enabled | - | CWE-829 | Low |
| PHP display_errors Is Enabled | - | CWE-209 | Low |
| PHP open_basedir Is Not Configured | - | CWE-664 | Low |
| Possible virtual host found | - | CWE-200 | Low |
| Documentation files | - | CWE-538 | Low |
| Apache mod_negotiation filename bruteforcing | - | CWE-538 | Low |
| Error messages | - | CWE-209 | Low |
| HTML Form found in redirect page | - | CWE-287 | Low |
| [Possible] Internal IP Address Disclosure | - | CWE-200 | Low |
| Possible username or password disclosure | - | CWE-200 | Low |
| Tomcat status page | - | CWE-200 | Low |
| WordPress full path disclosure | - | CWE-200 | Low |
| ASP.NET error message | - | CWE-12 | Low |
| Apache Solr endpoint | - | CWE-200 | Low |
| Apache stronghold-info enabled | - | CWE-200 | Low |
| Apache stronghold-status enabled | - | CWE-200 | Low |
| Error page path disclosure | - | CWE-200 | Low |
| Insecure Transportation Security Protocol Supported (TLS 1.1) | - | CWE-326 | Low |
| Web Server Cache Poisoning (CMS Made Simple) v1.x | CVE-2016-2784 | CWE-20 | Low |
| ColdFusion RDS Service enabled | - | CWE-200 | Low |
| Joe Editor DEADJOE file | - | CWE-538 | Low |
| Drupal Core Open Redirect | - | CWE-601 | Low |
| Atlassian Jira Manage Filters information disclosure | - | CWE-200 | Low |
| WordPress REST API User Enumeration | - | CWE-200 | Low |
| Clickjacking: CSP frame-ancestors missing | - | CWE-1021 | Low |
| Jenkins user enumeration | - | CWE-200 | Low |
| Oracle Reports Services RWServlet environment variables disclosure | - | CWE-200 | Low |
| Stack Trace Disclosure (ASP.NET) | - | CWE-209 | Low |
| Stack Trace Disclosure (CakePHP) | - | CWE-209 | Low |
| Stack Trace Disclosure (CherryPy) | - | CWE-209 | Low |
| Stack Trace Disclosure (GWT) | - | CWE-209 | Low |
| Stack Trace Disclosure (Grails) | - | CWE-209 | Low |
| Stack Trace Disclosure (Apache MyFaces) | - | CWE-209 | Low |
| Stack Trace Disclosure (NodeJS) | - | CWE-209 | Low |
| Stack Trace Disclosure (Ruby-Sinatra Framework) | - | CWE-209 | Low |