Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as CAPEC-347 that can be detected by Invicti.

Select Category

Critical

High

Select Vulnerability

Vulnerability Name

Classification

Severity

Apache Server-Info Detected

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

CWE-16

ISO27001-A.18.1.3

OWASP 2013-A5

OWASP 2017-A6

WASC-14

Medium

Apache Server-Status Detected

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

CWE-16

ISO27001-A.18.1.3

OWASP 2013-A5

OWASP 2017-A6

WASC-14

Medium

Elmah.axd / Errorlog.axd Detected

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C

CWE-16

HIPAA-164.306(a)

HIPAA-164.308(a)

ISO27001-A.18.1.3

OWASP 2013-A5

OWASP 2017-A6

PCI v3.2-6.5.6

WASC-15

High

JavaMelody Interface Detected

CAPEC-347

CWE-16

ISO27001-A.18.1.3

OWASP 2013-A5

OWASP 2017-A6

WASC-14

Medium

Server-Side Request Forgery (elmah)

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C

CWE-918

HIPAA-164.306(a)

HIPAA-164.308(a)

ISO27001-A.14.2.5

OWASP 2013-A5

OWASP 2017-A6

PCI v3.2-6.5.6

WASC-15

High

Server-Side Request Forgery (elmah MVC)

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C

CWE-918

HIPAA-164.306(a)

HIPAA-164.308(a)

ISO27001-A.14.2.5

OWASP 2013-A5

OWASP 2017-A6

PCI v3.2-6.5.6

WASC-15

High

Server-Side Request Forgery (trace.axd)

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C

CWE-918

HIPAA-164.306(a)

HIPAA-164.308(a)

ISO27001-A.14.2.5

OWASP 2013-A5

OWASP 2017-A6

PCI v3.2-6.5.6

WASC-15

Critical

Trace.axd Detected

CAPEC-347

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C

CWE-16

HIPAA-164.306(a)

HIPAA-164.308(a)

ISO27001-A.18.1.3

OWASP 2013-A5

OWASP 2017-A6

PCI v3.2-6.5.6

WASC-15

High