Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as ISO27001-A.18.1.3 that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Vulnerability Name
Classification
Severity
Apache Server-Info Detected
Apache Server-Info Detected
CAPEC-347
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-16
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Medium
Apache Server-Status Detected
Apache Server-Status Detected
CAPEC-347
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-16
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Medium
Apple’s App-Site Association (AASA) Detected
Apple’s App-Site Association (AASA) Detected
ISO27001-A.18.1.3
, 
Information
Backup File Disclosure
Backup File Disclosure
CAPEC-87
, 
CWE-530
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Low
Backup Source Code Detected
Backup Source Code Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
, 
CWE-530
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
High
CDN Detected (Airee)
CDN Detected (Airee)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Akamai)
CDN Detected (Akamai)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Arvan Cloud)
CDN Detected (Arvan Cloud)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Azure CDN)
CDN Detected (Azure CDN)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (CDN77)
CDN Detected (CDN77)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Fastly)
CDN Detected (Fastly)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Fireblade)
CDN Detected (Fireblade)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Google Cloud CDN)
CDN Detected (Google Cloud CDN)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Incapsula)
CDN Detected (Incapsula)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Instart)
CDN Detected (Instart)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (KeyCDN)
CDN Detected (KeyCDN)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (MaxCDN)
CDN Detected (MaxCDN)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Netlify)
CDN Detected (Netlify)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (PowerCDN)
CDN Detected (PowerCDN)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Qrator)
CDN Detected (Qrator)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (StackPath)
CDN Detected (StackPath)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (Sucuri)
CDN Detected (Sucuri)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
CDN Detected (West263)
CDN Detected (West263)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Configuration File Detected
Configuration File Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Database Connection String Detected
Database Connection String Detected
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
, 
CWE-16
, 
HIPAA-164.306(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A3
, 
WASC-15
, 
Information
Database Error Message Disclosure
Database Error Message Disclosure
CAPEC-118
, 
CWE-210
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Database Name Disclosure (Microsoft SQL Server)
Database Name Disclosure (Microsoft SQL Server)
CAPEC-118
, 
CWE-201
, 
HIPAA-164.306(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Database Name Disclosure (MySQL)
Database Name Disclosure (MySQL)
CAPEC-118
, 
CWE-201
, 
HIPAA-164.306(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Default Page Detected (Apache)
Default Page Detected (Apache)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (CakePHP Framework)
Default Page Detected (CakePHP Framework)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 10.0)
Default Page Detected (IIS 10.0)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 6)
Default Page Detected (IIS 6)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 7)
Default Page Detected (IIS 7)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 7.5)
Default Page Detected (IIS 7.5)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 7.X)
Default Page Detected (IIS 7.X)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 8)
Default Page Detected (IIS 8)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (IIS 8.5)
Default Page Detected (IIS 8.5)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Default Page Detected (Tomcat)
Default Page Detected (Tomcat)
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
Django Debug Mode Enabled
Django Debug Mode Enabled
CAPEC-214
, 
CWE-16
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-14
, 
Low
.DS_Store File Found
.DS_Store File Found
CWE-284
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Low
Elmah.axd / Errorlog.axd Detected
Elmah.axd / Errorlog.axd Detected
CAPEC-347
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-16
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.6
, 
WASC-15
, 
High
Exception Report Disclosure (Tomcat)
Exception Report Disclosure (Tomcat)
CAPEC-214
, 
CWE-248
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-14
, 
Low
Information Disclosure (Microsoft Office)
Information Disclosure (Microsoft Office)
CAPEC-118
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Installation File Detected
Installation File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
JavaMelody Interface Detected
JavaMelody Interface Detected
CAPEC-347
, 
CWE-16
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Medium
Log File Detected
Log File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Microsoft Access Database File Detected
Microsoft Access Database File Detected
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
, 
CWE-285
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Medium
Microsoft IIS Log File Detected
Microsoft IIS Log File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Low
Microsoft Outlook Personal Folders File (.pst) Found
Microsoft Outlook Personal Folders File (.pst) Found
CWE-284
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Low
OpenSearch.xml Detected
OpenSearch.xml Detected
CWE-200
, 
ISO27001-A.18.1.3
, 
Information
Out-of-date Component ({applicationName})
Out-of-date Component ({applicationName})
CAPEC-170
, 
CWE-205
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-13
, 
Low
Out-of-date Version (SugarCRM)
Out-of-date Version (SugarCRM)
CWE-1035
, 
ISO27001-A.18.1.3
, 
WASC-13
, 
Information
phpinfo() Output Detected
phpinfo() Output Detected
CWE-213
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A6
, 
OWASP 2017-A3
, 
WASC-13
, 
Low
Programming Error Message
Programming Error Message
CAPEC-118
, 
CWE-210
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Programming Error Message (Ruby)
Programming Error Message (Ruby)
CAPEC-118
, 
CWE-210
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Readme/Help File Detected
Readme/Help File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Reverse Proxy Detected (Apache Traffic Server)
Reverse Proxy Detected (Apache Traffic Server)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Reverse Proxy Detected (Citrix Netscaler)
Reverse Proxy Detected (Citrix Netscaler)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Reverse Proxy Detected (Envoy)
Reverse Proxy Detected (Envoy)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Reverse Proxy Detected (F5 BIG-IP)
Reverse Proxy Detected (F5 BIG-IP)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Reverse Proxy Detected (HAProxy)
Reverse Proxy Detected (HAProxy)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Reverse Proxy Detected (Skipper)
Reverse Proxy Detected (Skipper)
CAPEC-224
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
WASC-45
, 
Information
Robots.txt Detected
Robots.txt Detected
ISO27001-A.18.1.3
, 
Information
RSA Private Key Detected
RSA Private Key Detected
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A6
, 
OWASP 2017-A3
, 
WASC-13
, 
Medium
Security.txt Detected
Security.txt Detected
ISO27001-A.18.1.3
, 
Information
Sitemap Detected
Sitemap Detected
ISO27001-A.18.1.3
, 
Information
Social Security Number Disclosure
Social Security Number Disclosure
CAPEC-118
, 
CWE-213
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A6
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.3
, 
WASC-13
, 
Low
Source Code Disclosure (ASP.NET)
Source Code Disclosure (ASP.NET)
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-540
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A3
, 
WASC-13
, 
Medium
Source Code Disclosure (ColdFusion)
Source Code Disclosure (ColdFusion)
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-540
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A3
, 
WASC-13
, 
Medium
SQL File Detected
SQL File Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
SQLite Database File Found
SQLite Database File Found
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
, 
CWE-285
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Medium
Stack Trace Disclosure (ColdFusion)
Stack Trace Disclosure (ColdFusion)
CAPEC-214
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-248
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-14
, 
Medium
Stack Trace Disclosure (Django)
Stack Trace Disclosure (Django)
CAPEC-214
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-248
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-14
, 
Medium
Stack Trace Disclosure (Grails)
Stack Trace Disclosure (Grails)
CAPEC-214
, 
CWE-248
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.5
, 
WASC-14
, 
Low