Web Application Vulnerabilities Index
This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.
| Vulnerability Name | Classification | Severity |
| --- | --- | --- |
| (Deprecated) Version Disclosure (mod_ssl) | | Low |
| .dockerignore File Detected | | Low |
| AWS Dockerrun Configuration File Detected | | Low |
| ActiveMQ - Remote Code Execution (CVE-2023-46604) | | Critical |
| An Unsafe Content Security Policy (CSP) Directive in Use | | Information |
| Angular Identified | | Information |
| Angularjs Identified | | Information |
| AspNetSignalR Identified | | Information |
| Authentication Bypass in Fortra's GoAnywhere MFT (CVE-2024-0204) | | High |
| Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805) | | High |
| Axios Identified | | Information |
| Axway Secure Transport Detected | | Information |
| B.R.E.A.C.H. Attack Detected | | Medium |
| Backbonejs Identified | | Information |
| Bluebird Identified | | Information |
| Boolean Based MongoDB Injection | | High |
| Bootbox Identified | | Information |
| Bootstrap3DateTimePicker Identified | | Information |
| BootstrapSelect Identified | | Information |
| BootstrapTable Identified | | Information |
| BootstrapToggle Identified | | Information |
| BootstrapTypeahead Identified | | Information |
| Bootstrapjs Identified | | Information |
| CDN Detected (Instart) | | Information |
| CVE-2024-6297 WordPress Plugin Backdoor | | Critical |
| CanvasJS Identified | | Information |
| Chartjs Identified | | Information |
| Ckeditor Identified | | Information |
| D3Js Identified | | Information |
| DataTables Identified | | Information |
| Database Detected (SQLite) | | Information |
| Disabled X-XSS-Protection Header | | Information |
| Docker Cloud Stack File Detected | | Low |
| Docker Compose File Detected | | Low |
| Dockerfile Detected | | Low |
| Dojo Identified | | Information |
| DomPurify Identified | | Information |
| Dwr Identified | | Information |
| EZProxy Identified | | Information |
| EasyXdm Identified | | Information |
| EfJs Identified | | Information |
| Ember Identified | | Information |
| Expect-CT Header via HTTP | | Information |
| Expect-CT Not Enabled | | Best Practice |
| Expect-CT Security Header Errors and Warnings | | Information |
| Expect-CT in Report Only Mode | | Information |
| ExtJs Identified | | Information |
| FabricJs Identified | | Information |
| FancyBox Identified | | Information |
| Fingerprintjs2 Identified | | Information |
| Flickity Identified | | Information |
| Footablejs Identified | | Information |
| Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379) | | High |
| Foundation Identified | | Information |
| FuelUx Identified | | Information |
| GeoServer Identified | | Information |
| Google Tag Manager Identified | | Information |
| GraphQL Library Detected (Diana.jl) | | Information |
| GraphQL Library Detected (Hot Chocolate) | | Information |
| Gsap Identified | | Information |
| HTTP Parameter Pollution | | Medium |
| Hammerjs Identified | | Information |
| Handlebarsjs Identified | | Information |
| Highcharts Identified | | Information |
| Html5Shiv Identified | | Information |
| ImagePicker Identified | | Information |
| Inferno Identified | | Information |
| Insecure Protocol Detected in Content Security Policy (CSP) | | Information |
| Insecure Reflected Content | | Low |
| Insecure Transportation Security Protocol Supported (SSLv2) | | High |
| Insecure Transportation Security Protocol Supported (SSLv3) | | High |
| Insecure Transportation Security Protocol Supported (TLS 1.0) | | High |
| Insecure Transportation Security Protocol Supported (TLS 1.1) | | Best Practice |
| Installation File Detected | | Information |