

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

The software generates an error message that includes sensitive information about its environment, users, or associated data.

A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state.



© SecPod Technologies