Web Application Vulnerabilities Index

This page lists 144 vulnerabilities categorized as medium severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Vulnerability Name
Classification
Severity
Version Disclosure (TinyMCE)
Version Disclosure (TinyMCE)
Low
Version Disclosure (Tomcat)
Version Disclosure (Tomcat)
Low
Version Disclosure (Tornado)
Version Disclosure (Tornado)
Low
Version Disclosure (Trac Software Project Management Tool)
Version Disclosure (Trac Software Project Management Tool)
Low
Version Disclosure (Tracy Debugging Tool)
Version Disclosure (Tracy Debugging Tool)
Low
Version Disclosure (TwistedWeb HTTP Server)
Version Disclosure (TwistedWeb HTTP Server)
Low
Version Disclosure (Typeaheadjs)
Version Disclosure (Typeaheadjs)
Low
Version Disclosure (Typo3Cms)
Version Disclosure (Typo3Cms)
Low
Version Disclosure (UAParser.js)
Version Disclosure (UAParser.js)
Low
Version Disclosure (Underscorejs)
Version Disclosure (Underscorejs)
Low
Version Disclosure (Undertow Web Server)
Version Disclosure (Undertow Web Server)
Low
Version Disclosure (VanillaForums)
Version Disclosure (VanillaForums)
Low
Version Disclosure (Varnish)
Version Disclosure (Varnish)
Low
Version Disclosure (Videojs)
Version Disclosure (Videojs)
Low
Version Disclosure (Vuejs)
Version Disclosure (Vuejs)
Low
Version Disclosure (W3 Total Cache)
Version Disclosure (W3 Total Cache)
Low
Version Disclosure (WebErp)
Version Disclosure (WebErp)
Low
Version Disclosure (WeBid)
Version Disclosure (WeBid)
Low
Version Disclosure (WebLogic)
Version Disclosure (WebLogic)
Low
Version Disclosure (WEBrick)
Version Disclosure (WEBrick)
Low
Version Disclosure (Werkzeug Python WSGI Library)
Version Disclosure (Werkzeug Python WSGI Library)
Low
Version Disclosure (WordPress)
Version Disclosure (WordPress)
Low
Version Disclosure (Xoops)
Version Disclosure (Xoops)
Low
Version Disclosure (XRegExp)
Version Disclosure (XRegExp)
Low
Version Disclosure (XWiki)
Version Disclosure (XWiki)
Low
Version Disclosure (YetiForceCrm)
Version Disclosure (YetiForceCrm)
Low
Version Disclosure (Yourls)
Version Disclosure (Yourls)
Low
Version Disclosure (Yui)
Version Disclosure (Yui)
Low
Version Disclosure (ZenCart)
Version Disclosure (ZenCart)
Low
Version Disclosure (ZenPhoto)
Version Disclosure (ZenPhoto)
Low
Version Disclosure (Zeptojs)
Version Disclosure (Zeptojs)
Low
Version Disclosure (Zikula)
Version Disclosure (Zikula)
Low
Version Disclosure (Zope)
Version Disclosure (Zope)
Low
Videojs Identified
Videojs Identified
Information
ViewState is not Encrypted
ViewState is not Encrypted
Low
ViewState MAC Disabled
ViewState MAC Disabled
Medium
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)
High
VMware Aria Operations for Networks Remote Code Execution (CVE-2023-20887)
VMware Aria Operations for Networks Remote Code Execution (CVE-2023-20887)
Critical
Vuejs Identified
Vuejs Identified
Information
{{vulnName}}
{{vulnName}}
Low
W3 Total Cache Identified
W3 Total Cache Identified
Information
Weak Basic Authentication Credentials
Weak Basic Authentication Credentials
High
Weak Ciphers Enabled
Weak Ciphers Enabled
Medium
Weak frame-ancestors Detected in Content Security Policy (CSP) Declaration
Weak frame-ancestors Detected in Content Security Policy (CSP) Declaration
Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration
Weak Nonce Detected in Content Security Policy (CSP) Declaration
Information
Weak Secret is Used to Sign JWT
Weak Secret is Used to Sign JWT
High
Webalizer Detected
Webalizer Detected
Information
Web Application Firewall Detected
Web Application Firewall Detected
Information
Web Backdoor Detected
Web Backdoor Detected
Critical
Web Cache Deception
Web Cache Deception
Critical
Web.config File Detected
Web.config File Detected
Information
WebDAV Directory Has Write Permissions
WebDAV Directory Has Write Permissions
High
WebDAV Directory Has Write Permissions (IIS)
WebDAV Directory Has Write Permissions (IIS)
High
WebDAV Enabled
WebDAV Enabled
Information
webERP Detected
webERP Detected
Information
WeBid Detected
WeBid Detected
Information
WebLogic Identified
WebLogic Identified
Information
Werkzeug Python WSGI Library Identified
Werkzeug Python WSGI Library Identified
Information
Whoops Error Handler Framework Detected
Whoops Error Handler Framework Detected
Information
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive
Information
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive
Information
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive
Information
WildFly Application Server Identified
WildFly Application Server Identified
Information
Windows Azure Web Server Identified
Windows Azure Web Server Identified
Information
Windows CE OS Identified
Windows CE OS Identified
Information
Windows Server Identified
Windows Server Identified
Information
Windows Short Filename
Windows Short Filename
Low
Windows Username Disclosure
Windows Username Disclosure
Low
Wing FTP Anonymous access
Wing FTP Anonymous access
Low
Wing FTP Server RCE (CVE-2025-47812)
Wing FTP Server RCE (CVE-2025-47812)
Critical
WordPress Configuration File Detected
WordPress Configuration File Detected
Information
WordPress Detected
WordPress Detected
Information
WordPress Plugin Akismet Spam Protection Out Of Date
WordPress Plugin Akismet Spam Protection Out Of Date
Information
WordPress Plugin Akismet Spam Protection Version Disclosure
WordPress Plugin Akismet Spam Protection Version Disclosure
Low