Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/
Error Handling
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Error Handling
This page lists
20 vulnerabilities
in this category.
Critical: 1
High: 3
Medium: 10
Low: 5
Information: 1
Vulnerability Name
CVE
CWE
Severity
Apache Log4j2 JNDI Remote Code Execution (404 page handler)
CVE-2021-44228
CWE-78
Critical
Spring Boot Whitelabel Error Page SpEL
-
CWE-94
High
Padding oracle attack
-
CWE-209
High
Elmah.axd / Errorlog.axd Detected
-
CWE-209
High
Symfony running in dev mode
-
CWE-16
Medium
Symfony debug mode enabled (Invicti IAST)
-
CWE-16
Medium
CodeIgniter development mode enabled
-
CWE-16
Medium
Custom Error Pages Are Not Configured in WEB-INF/web.xml
-
CWE-16
Medium
ASP.NET WCF service include exception details
-
CWE-16
Medium
Node.js Web Application does not handle unhandledRejection
-
CWE-248
Medium
Node.js Web Application does not handle uncaughtException
-
CWE-248
Medium
GraphQL Unhandled Error Leakage
-
CWE-209
Medium
PHP errors enabled
-
CWE-209
Medium
ASP.NET CustomErrors Is Disabled
-
CWE-12
Medium
Error page path disclosure
-
CWE-200
Low
ASP.NET error message
-
CWE-12
Low
Error messages
-
CWE-209
Low
PHP display_errors Is Enabled
-
CWE-209
Low
Programming Error Messages
-
CWE-209
Low
Error page web server version disclosure
-
CWE-200
Information
