Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Error Handling

This page lists 57 vulnerabilities in this category.

Critical: 1 High: 5 Medium: 31 Low: 19 Information: 1
Vulnerability Name
CVE
CWE
Severity
Apache Log4j2 JNDI Remote Code Execution (404 page handler)
CVE-2021-44228
CWE-78
Critical
Flask debug mode
-
CWE-489
High
Elmah.axd / Errorlog.axd Detected
-
CWE-209
High
WordPress debug mode
-
CWE-200
High
Spring Boot Whitelabel Error Page SpEL
-
CWE-94
High
Padding oracle attack
-
CWE-209
High
Craft CMS Development Mode enabled
-
CWE-200
Medium
Laravel debug mode enabled
-
CWE-200
Medium
PHP Console addon enabled
-
CWE-200
Medium
PHP Debug Bar enabled
-
CWE-200
Medium
Tracy debugging tool enabled
-
CWE-200
Medium
Pyramid DebugToolbar enabled
-
CWE-200
Medium
Joomla Debug Console enabled
-
CWE-200
Medium
Node.js Web Application does not handle uncaughtException
-
CWE-248
Medium
Node.js Web Application does not handle unhandledRejection
-
CWE-248
Medium
ASP.NET WCF service include exception details
-
CWE-209
Medium
Stack Trace Disclosure (RoR)
-
CWE-209
Medium
Custom Error Pages Are Not Configured in WEB-INF/web.xml
-
CWE-209
Medium
CodeIgniter development mode enabled
-
CWE-489
Medium
Symfony debug mode enabled (Invicti IAST)
-
CWE-489
Medium
Symfony running in dev mode
-
CWE-489
Medium
ASP.NET Core Development Mode enabled
-
CWE-200
Medium
GraphQL Unhandled Error Leakage
-
CWE-209
Medium
Node.js Running in Development Mode
-
CWE-215
Medium
RoR Development Mode enabled
-
CWE-200
Medium
Lucee Stacktrace Information Disclosure
-
CWE-200
Medium
Clockwork PHP dev tool enabled
-
CWE-200
Medium
Stack Trace Disclosure (Python)
-
CWE-209
Medium
ASP.NET CustomErrors Is Disabled
-
CWE-12
Medium
PHP errors enabled
-
CWE-209
Medium
Stack Trace Disclosure (Laravel)
-
CWE-209
Medium
Stack Trace Disclosure (Java)
-
CWE-209
Medium
Django Debug Mode Enabled
-
CWE-200
Medium
Pyramid debug mode
-
CWE-489
Medium
Tornado debug mode
-
CWE-489
Medium
Stack Trace Disclosure (ColdFusion)
-
CWE-209
Medium
ColdFusion Robust Exception enabled
-
CWE-200
Medium
ColdFusion path disclosures
-
CWE-200
Low
Stack Trace Disclosure (ASP.NET)
-
CWE-209
Low
Programming Error Messages
-
CWE-209
Low
PHP display_errors Is Enabled
-
CWE-209
Low
ASP.NET error message
-
CWE-12
Low
Error page path disclosure
-
CWE-200
Low
Stack Trace Disclosure (CherryPy)
-
CWE-209
Low
Stack Trace Disclosure (CakePHP)
-
CWE-209
Low
Stack Trace Disclosure (NodeJS)
-
CWE-209
Low
Unrestricted access to ImageResizer Diagnotics plugin
-
CWE-200
Low
Whoops error handler component detected
-
CWE-200
Low
Typo3 debug mode enabled
-
CWE-200
Low
Stack Trace Disclosure (GWT)
-
CWE-209
Low
Symfony debug mode enabled
-
CWE-200
Low
Stack Trace Disclosure (Grails)
-
CWE-209
Low
Stack Trace Disclosure (Apache MyFaces)
-
CWE-209
Low
Stack Trace Disclosure (Tomcat)
-
CWE-209
Low
Stack Trace Disclosure (Ruby-Sinatra Framework)
-
CWE-209
Low
ASP.NET path disclosure
-
CWE-200
Low
Error page web server version disclosure
-
CWE-200
Information