Paid content will be excluded from the download.
Matches : 909
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
The application uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
The application relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.