Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as PCI v3.2-6.5.8 that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Vulnerability Name
Classification
Severity
Administration Page Detected
Administration Page Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Backup File Disclosure
Backup File Disclosure
CAPEC-87
, 
CWE-530
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Low
Backup Source Code Detected
Backup Source Code Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
, 
CWE-530
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
High
Code Execution via WebDAV
Code Execution via WebDAV
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-17
, 
Critical
Configuration File Detected
Configuration File Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
.DS_Store File Found
.DS_Store File Found
CWE-284
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Low
F5 Big-IP Local File Inclusion (CVE-2020-5902)
F5 Big-IP Local File Inclusion (CVE-2020-5902)
CAPEC-252
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
, 
CWE-22
, 
HIPAA-164.306(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A4
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-33
, 
High
Installation File Detected
Installation File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Local File Inclusion
Local File Inclusion
CAPEC-252
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
, 
CWE-22
, 
HIPAA-164.306(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A4
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-33
, 
High
Local File Inclusion (IAST)
Local File Inclusion (IAST)
CAPEC-252
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
, 
CWE-22
, 
HIPAA-164.306(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A4
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-33
, 
High
Log File Detected
Log File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Microsoft Access Database File Detected
Microsoft Access Database File Detected
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
, 
CWE-285
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Medium
Microsoft IIS Log File Detected
Microsoft IIS Log File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Low
Microsoft Outlook Personal Folders File (.pst) Found
Microsoft Outlook Personal Folders File (.pst) Found
CWE-284
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Low
Misconfigured Access-Control-Allow-Origin Header
Misconfigured Access-Control-Allow-Origin Header
CWE-16
, 
ISO27001-A.14.1.2
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-15
, 
Low
Readme/Help File Detected
Readme/Help File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
Ruby on Rails File Content Disclosure (CVE-2019-5418)
Ruby on Rails File Content Disclosure (CVE-2019-5418)
CAPEC-252
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
, 
CWE-98
, 
HIPAA-164.306(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A4
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-33
, 
High
SQL File Detected
SQL File Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
SQLite Database File Found
SQLite Database File Found
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
, 
CWE-285
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Medium
Test File Detected
Test File Detected
CAPEC-87
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
TorchServe Management API Publicly Exposed
TorchServe Management API Publicly Exposed
CAPEC-212
, 
CWE-200
, 
HIPAA-164.312(a)(1)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-14
, 
High
TS Web Access Identified
TS Web Access Identified
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
WebDAV Directory Has Write Permissions (IIS)
WebDAV Directory Has Write Permissions (IIS)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C
, 
CWE-732
, 
ISO27001-A.9.4.1
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-17
, 
High
Windows Short Filename
Windows Short Filename
CAPEC-87
, 
CWE-538
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.8.2.3
, 
OWASP 2013-A7
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Low
WordPress Configuration File Detected
WordPress Configuration File Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
WordPress Setup Configuration File
WordPress Setup Configuration File
CAPEC-212
, 
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/CR:H/IR:H/AR:H/MAV:N/MPR:N/MUI:N/MS:U/MC:N/MI:N/MA:N
, 
CWE-665
, 
HIPAA-164.312(a)(1)
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-14
, 
Medium
Wp-admin Page Detected
Wp-admin Page Detected
CAPEC-87
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
, 
CWE-425
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2013-A7
, 
OWASP 2017-A5
, 
PCI v3.2-6.5.8
, 
WASC-34
, 
Information
ZSH History File Detected
ZSH History File Detected
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
, 
CWE-284
, 
ISO27001-A.18.1.3
, 
OWASP 2013-A7
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.8
, 
WASC-2
, 
Medium