Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Low Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Low Severity Vulnerabilities
Found
857 vulnerabilities
at
Low
severity.
Vulnerability Name
CVE
CWE
Severity
Stack Trace Disclosure (Tomcat)
-
CWE-209
Low
Composer installed.json publicly accessible
-
CWE-200
Low
Envoy Metadata disclosure
-
CWE-200
Low
HTML Attribute Injection
-
CWE-80
Low
IIS Path disclosure
-
CWE-200
Low
Kentico Staging API publicly accessible
-
CWE-200
Low
Symfony debug mode enabled
-
CWE-200
Low
Typo3 debug mode enabled
-
CWE-200
Low
Typo3 sensitive files
-
CWE-200
Low
Whoops error handler component detected
-
CWE-200
Low
Broken Link Hijacking
-
CWE-610
Low
Cookies with missing, inconsistent or contradictory properties
-
CWE-284
Low
H2 console publicly accessible
-
CWE-287
Low
Insecure Frame (External)
-
CWE-829
Low
Unrestricted access to NGINX+ Status module
-
CWE-200
Low
Version Disclosure (PHP)
-
-
Low
Jira Projects accessible anonymously
-
CWE-200
Low
Jira Unauthorized User Enumeration via UserPickerBrowser
-
CWE-200
Low
Gitlab user disclosure
-
CWE-200
Low
Unrestricted access to ImageResizer Diagnotics plugin
-
CWE-200
Low
OData feed accessible anonymously
-
CWE-200
Low
Unrestricted access to a monitoring system
-
CWE-200
Low
Unrestricted access to Prometheus
-
CWE-200
Low
Unrestricted access to Prometheus Metrics
-
CWE-200
Low
Vulnerable package dependencies [low]
-
CWE-1104
Low
Jenkins open people list
-
CWE-200
Low
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed
-
CWE-16
Low
Symfony ESI (Edge-Side Includes) enabled
-
CWE-16
Low
F5 BIG-IP Cookie Information Disclosure
-
CWE-200
Low
Arbitrary File Read on Nuxt.js Development Server
-
CWE-200
Low
Nuxt.js Running in Development Mode
-
CWE-200
Low
Passive Mixed Content over HTTPS
-
CWE-284
Low
LLM Tool Usage Exposure
-
CWE-200
Low
Possible Database Name Disclosure
-
CWE-200
Low
Wing FTP Anonymous access
-
CWE-200
Low
Internet Information Services Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-1999-0861)
CVE-1999-0861
CWE-362
Low
PostgreSQL Other Vulnerability (CVE-1999-0862)
CVE-1999-0862
-
Low
Internet Information Services Other Vulnerability (CVE-1999-1538)
CVE-1999-1538
-
Low
Internet Information Services Other Vulnerability (CVE-2000-0167)
CVE-2000-0167
-
Low
Microsoft SQL Server Other Vulnerability (CVE-2000-0402)
CVE-2000-0402
-
Low
Microsoft SQL Server Other Vulnerability (CVE-2000-0485)
CVE-2000-0485
-
Low
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2000-0649)
CVE-2000-0649
CWE-200
Low
Microsoft SQL Server Other Vulnerability (CVE-2000-1083)
CVE-2000-1083
-
Low
Apache HTTP Server Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2001-0131)
CVE-2001-0131
CWE-59
Low
Internet Information Services Other Vulnerability (CVE-2001-0544)
CVE-2001-0544
-
Low
Oracle Database Server Other Vulnerability (CVE-2001-0832)
CVE-2001-0832
-
Low
Oracle Database Server Other Vulnerability (CVE-2001-1041)
CVE-2001-1041
-
Low
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)
CVE-2001-1534
CWE-384
Low
PHP Other Vulnerability (CVE-2002-0121)
CVE-2002-0121
-
Low
Mailman Other Vulnerability (CVE-2002-0389)
CVE-2002-0389
-
Low
Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-0422)
CVE-2002-0422
CWE-200
Low
Oracle Application Server Other Vulnerability (CVE-2002-0568)
CVE-2002-0568
-
Low
Apache HTTP Server Other Vulnerability (CVE-2002-1233)
CVE-2002-1233
-
Low
Oracle Database Server Other Vulnerability (CVE-2003-0727)
CVE-2003-0727
-
Low
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1581)
CVE-2003-1581
CWE-707
Low
Internet Information Services Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1582)
CVE-2003-1582
CWE-707
Low
MySQL Other Vulnerability (CVE-2004-0381)
CVE-2004-0381
-
Low
MySQL Other Vulnerability (CVE-2004-0388)
CVE-2004-0388
-
Low
MySQL Other Vulnerability (CVE-2004-0837)
CVE-2004-0837
-
Low
PHP Other Vulnerability (CVE-2004-0959)
CVE-2004-0959
-
Low
OpenSSL Other Vulnerability (CVE-2004-0975)
CVE-2004-0975
-
Low
PostgreSQL Other Vulnerability (CVE-2004-0977)
CVE-2004-0977
-
Low
Apache HTTP Server Other Vulnerability (CVE-2004-1387)
CVE-2004-1387
-
Low
Apache HTTP Server Other Vulnerability (CVE-2004-1834)
CVE-2004-1834
-
Low
Oracle Application Server Other Vulnerability (CVE-2004-1877)
CVE-2004-1877
-
Low
Oracle HTTP Server Other Vulnerability (CVE-2004-1877)
CVE-2004-1877
-
Low
PHP Other Vulnerability (CVE-2005-0596)
CVE-2005-0596
-
Low
MySQL Other Vulnerability (CVE-2005-0711)
CVE-2005-0711
-
Low
PostgreSQL Other Vulnerability (CVE-2005-1410)
CVE-2005-1410
-
Low
PHP Other Vulnerability (CVE-2005-3054)
CVE-2005-3054
-
Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164)
CVE-2005-3164
CWE-200
Low
PHP Other Vulnerability (CVE-2005-3319)
CVE-2005-3319
-
Low
Moodle Other Vulnerability (CVE-2005-3649)
CVE-2005-3649
-
Low
PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0208)
CVE-2006-0208
CWE-707
Low
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2006-0369)
CVE-2006-0369
CWE-200
Low
« Previous
1
2
3
4
5
6
7
8
9
...
12
Next »
