Web Application Vulnerabilities Index
This page lists all vulnerabilities that can be detected by Invicti.
| Vulnerability Name | Classifications | Severity |
|---|---|---|
| Blind SQL Injection | PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 | Critical |
| Boolean Based SQL Injection | PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 | Critical |
| Out of Band SQL Injection | PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 | Critical |
| SQL Injection (IAST) | PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 | Critical |
| JWT Forgery via SQL Injection | CWE-89; OWASP 2017-A1 | High |
