| #1 | SQL Injection |
SQL injection is a type of vulnerabilities in database access code that allows attackers to execute unauthorized queries on the database. SQL Injection vulnerabilities are caused by concatenating data... |
| #2 | XQuery Injection |
XQuery injection vulnerabilities occur when untrusted data is concatenated into XQuery queries, which allows the attacker to execute arbitrary queries. XQuery injection vulnerabilities are similar to... |
| #3 | XPath Injection |
XPath injection is a type of vulnerability that allows attackers to execute arbitrary queries on XML databases. XPath injection vulnerabilities are similar to SQL injection vulnerabilities, but they a... |
| #4 | Information Exposure Through an Error Message |
Information exposure through an error message occurs when an error message discloses sensitive information that might help an attacker. Typical examples include disclosing whether a username is valid... |
| #5 | Using Components with Known Vulnerabilities |
“Using components with known vulnerabilities” refers to an application that uses third-party code that contains known vulnerabilities. The result is that the vulnerabilities in the third-party code be... |
| #6 | Fingerprinting |
Fingerprinting is a broad term that describes searching for telltale signs that a specific application or system component is running on a given system. These telltale signs are called fingerprints. T... |
| #7 | Weak Cryptographic Hash |
A weak cryptographic hash vulnerability occurs when the application uses a hashing algorithm that is considered to be less resistant to attack than the currently recommended algorithms, and/or the cho... |
| Technology Independent7 |
| Implementation7 |
| Vulnerability7 |