[Forgot Password]
Login  Register Subscribe

24544

 
 

132176

 
 

121593

 
 

909

 
 

100139

 
 

148

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style.

The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings.

The web application does not filter user-controlled input for executable script disguised using doubling of the involved characters.

The software does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers.

The software does not neutralize or incorrectly neutralizes user-controlled input for alternate script syntax.

This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before inserting the input into an executable resource, such as a library, configuration file, or template.

The software generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   90

© SecPod Technologies