Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N that can be detected by Invicti.

Select Category

Critical

High

Select Vulnerability

Vulnerability Name

Classification

Severity

AWStats Detected

CAPEC-224

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

,

CWE-205

,

ISO27001-A.14.2.5

,

OWASP 2017-A6

,

WASC-45

,

Information

Backup Source Code Detected

CAPEC-87

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

,

CWE-530

,

HIPAA-164.306(a)

,

HIPAA-164.308(a)

,

ISO27001-A.18.1.3

,

OWASP 2013-A7

,

OWASP 2017-A5

,

PCI v3.2-6.5.8

,

WASC-34

,

High

Expression Language Injection

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

,

CWE-20

,

HIPAA-164.308(a)

,

ISO27001-A.14.2.5

,

OWASP 2013-A1

,

OWASP 2017-A1

,

PCI v3.2-6.5.1

,

High

Microsoft Access Database File Detected

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

,

CWE-285

,

ISO27001-A.18.1.3

,

OWASP 2013-A7

,

OWASP 2017-A3

,

PCI v3.2-6.5.8

,

WASC-2

,

Medium

Weak Basic Authentication Credentials

CAPEC-16

,

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

,

CWE-521

,

ISO27001-A.9.4.3

,

OWASP 2013-A6

,

OWASP 2017-A3

,

PCI v3.2-6.5.10

,

WASC-15

,

High

ZSH History File Detected

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

,

CWE-284

,

ISO27001-A.18.1.3

,

OWASP 2013-A7

,

OWASP 2017-A3

,

PCI v3.2-6.5.8

,

WASC-2

,

Medium