Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Error Handling

This page lists 20 vulnerabilities in this category.

Critical: 1 High: 3 Medium: 10 Low: 5 Information: 1
Vulnerability Name
CVE
CWE
Severity
Apache Log4j2 JNDI Remote Code Execution (404 page handler)
CVE-2021-44228
CWE-78
Critical
Spring Boot Whitelabel Error Page SpEL
-
CWE-94
High
Padding oracle attack
-
CWE-209
High
Elmah.axd / Errorlog.axd Detected
-
CWE-209
High
Symfony running in dev mode
-
CWE-16
Medium
Symfony debug mode enabled (Invicti IAST)
-
CWE-16
Medium
CodeIgniter development mode enabled
-
CWE-16
Medium
Custom Error Pages Are Not Configured in WEB-INF/web.xml
-
CWE-16
Medium
ASP.NET WCF service include exception details
-
CWE-16
Medium
Node.js Web Application does not handle unhandledRejection
-
CWE-248
Medium
Node.js Web Application does not handle uncaughtException
-
CWE-248
Medium
GraphQL Unhandled Error Leakage
-
CWE-209
Medium
PHP errors enabled
-
CWE-209
Medium
ASP.NET CustomErrors Is Disabled
-
CWE-12
Medium
Error page path disclosure
-
CWE-200
Low
ASP.NET error message
-
CWE-12
Low
Error messages
-
CWE-209
Low
PHP display_errors Is Enabled
-
CWE-209
Low
Programming Error Messages
-
CWE-209
Low
Error page web server version disclosure
-
CWE-200
Information