Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as WASC-13 that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Vulnerability Name
Classification
Severity
GraphQL Library Detected (WPGraphQL)
GraphQL Library Detected (WPGraphQL)
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Gsap Identified
Gsap Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Gunicorn Python WSGI HTTP Server Identified
Gunicorn Python WSGI HTTP Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Hammerjs Identified
Hammerjs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Handlebarsjs Identified
Handlebarsjs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Hesk Detected
Hesk Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Hiawatha Identified
Hiawatha Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Highcharts Identified
Highcharts Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Html5Shiv Identified
Html5Shiv Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
HubSpot Identified
HubSpot Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
IBM Business Process Manager (BPM) Identified
IBM Business Process Manager (BPM) Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
IBM HTTP Server Identified
IBM HTTP Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
IBM Rational Team Concert (RTC) Identified
IBM Rational Team Concert (RTC) Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
IBM Security Access Manager (WebSEAL) Identified
IBM Security Access Manager (WebSEAL) Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
IIS Identified
IIS Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
ImagePicker Identified
ImagePicker Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Inferno Identified
Inferno Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Information Disclosure (Microsoft Office)
Information Disclosure (Microsoft Office)
CAPEC-118
, 
CWE-200
, 
ISO27001-A.18.1.3
, 
PCI v3.2-6.5.5
, 
WASC-13
, 
Low
Internal Path Disclosure (*nix)
Internal Path Disclosure (*nix)
CAPEC-118
, 
CWE-200
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.9.4.1
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Internal Path Disclosure (Windows)
Internal Path Disclosure (Windows)
CAPEC-118
, 
CWE-200
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.8.1.1
, 
WASC-13
, 
Information
Internal Server Error
Internal Server Error
CWE-550
, 
ISO27001-A.14.1.2
, 
WASC-13
, 
Low
Introjs Identified
Introjs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
IonRangeSlider Identified
IonRangeSlider Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Java Identified
Java Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JavaScriptCookie Identified
JavaScriptCookie Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Java Servlet Identified
Java Servlet Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JBoss Application Server Identified
JBoss Application Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JBoss Core Services Identified
JBoss Core Services Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JBoss Enterprise Application Platform Identified
JBoss Enterprise Application Platform Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Jenkins Identified
Jenkins Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JetBrains .idea Project Directory Detected
JetBrains .idea Project Directory Detected
CAPEC-118
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
, 
CWE-285
, 
ISO27001-A9.4.5
, 
OWASP 2013-A5
, 
OWASP 2017-A6
, 
WASC-13
, 
Medium
Jetty Web Server Identified
Jetty Web Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Jolokia Identified
Jolokia Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Joomla Detected
Joomla Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jPlayer Identified
jPlayer Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jQuery Identified
jQuery Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JqueryMask Identified
JqueryMask Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jQueryMigrate Identified
jQueryMigrate Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jQueryMobile Identified
jQueryMobile Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JQuery placeholder.js Identified
JQuery placeholder.js Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jQueryUiAutocomplete Identified
jQueryUiAutocomplete Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jQueryUiDialog Identified
jQueryUiDialog Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jQueryUiTooltip Identified
jQueryUiTooltip Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JqueryValidation Identified
JqueryValidation Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Json Web Key Set Disclosure
Json Web Key Set Disclosure
CAPEC-118
, 
CWE-200
, 
ISO27001-A.18.1.4
, 
WASC-13
, 
Information
JSP Identified
JSP Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
JsTree Identified
JsTree Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
jszip Identified
jszip Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Kestrel Detected
Kestrel Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Knockoutjs Identified
Knockoutjs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
KnockoutMapping Identified
KnockoutMapping Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Kong Identified
Kong Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Lazyjs Identified
Lazyjs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Leaflet Identified
Leaflet Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Liferay Digital Experience Platform Detected
Liferay Digital Experience Platform Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Liferay Portal Detected
Liferay Portal Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Lightbox Identified
Lightbox Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Lighthouse Identified
Lighthouse Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Lighttpd Identified
Lighttpd Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
LimeSurvey Detected
LimeSurvey Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
ListJs Identified
ListJs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
LiteSpeed Web Server Identified
LiteSpeed Web Server Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Lodash Identified
Lodash Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Lua Identified
Lua Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Magento Identified
Magento Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Mailman Identified
Mailman Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
MarionetteJs Identified
MarionetteJs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
markdown-it Identified
markdown-it Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Masa CMS Identified
Masa CMS Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Mashery Proxy Identified
Mashery Proxy Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
, 
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
MathJax Identified
MathJax Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
MathJs Identified
MathJs Identified
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
MediaWiki Detected
MediaWiki Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information
Mibew Messenger Detected
Mibew Messenger Detected
CWE-205
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A6
, 
WASC-13
, 
Information