Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as ISO27001-A.9.4.1 that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Vulnerability Name
Classification
Severity
Administration Page Detected
Administration Page Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Apache Multiple Choices Enabled
Apache Multiple Choices Enabled
CWE-16
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Low
Apache MultiViews Enabled
Apache MultiViews Enabled
CWE-16
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Low
ASP.NET Debugging Enabled
ASP.NET Debugging Enabled
CWE-16
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Information
Authorization Required
Authorization Required
ISO27001-A.9.4.1
, 
Information
Basic Authorization Required
Basic Authorization Required
ISO27001-A.9.4.1
, 
Information
Digest Authorization Required
Digest Authorization Required
ISO27001-A.9.4.1
, 
Information
Directory Listing (Apache)
Directory Listing (Apache)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (ASP.NET Server)
Directory Listing (ASP.NET Server)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (IIS)
Directory Listing (IIS)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (Lighttpd)
Directory Listing (Lighttpd)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (LiteSpeed)
Directory Listing (LiteSpeed)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (Nginx)
Directory Listing (Nginx)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (Tomcat)
Directory Listing (Tomcat)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Directory Listing (WebDAV)
Directory Listing (WebDAV)
CAPEC-127
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-548
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-16
, 
Information
Email Address Disclosure
Email Address Disclosure
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
, 
CWE-200
, 
ISO27001-A.9.4.1
, 
WASC-13
, 
Information
Express Development Mode Is Enabled
Express Development Mode Is Enabled
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-200
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-14
, 
Medium
Internal Path Disclosure (*nix)
Internal Path Disclosure (*nix)
CAPEC-118
, 
CWE-200
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Laravel Environment Configuration File Detected
Laravel Environment Configuration File Detected
CWE-285
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-15
, 
Low
NTLM Authorization Required
NTLM Authorization Required
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
ISO27001-A.9.4.1
, 
Information
RoR Database Configuration File Detected
RoR Database Configuration File Detected
CWE-285
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-15
, 
Low
SVN Detected
SVN Detected
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-527
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-13
, 
High
Travis CI Configuration File Detected
Travis CI Configuration File Detected
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-16
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-15
, 
Information
TS Web Access Identified
TS Web Access Identified
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
WebDAV Directory Has Write Permissions (IIS)
WebDAV Directory Has Write Permissions (IIS)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C
, 
CWE-732
, 
ISO27001-A.9.4.1
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-17
, 
High
Wp-admin Page Detected
Wp-admin Page Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
WP Engine Configuration File Detected
WP Engine Configuration File Detected
CWE-285
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-15
, 
Low
WS_FTP Log File Detected
WS_FTP Log File Detected
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-538
, 
ISO27001-A.9.4.1
, 
WASC-13
, 
Information