[Forgot Password]
Login  Register Subscribe

24003

 
 

131401

 
 

103942

 
 

909

 
 

84051

 
 

133

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Weaknesses in this category are typically introduced during code development, including specification, design, and implementation.

Weaknesses in this category are typically introduced during the configuration of the software.

The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

The software does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

The software does not properly encode or decode the data, resulting in unexpected values.

The software does not verify, or incorrectly verifies, the cryptographic signature for data.

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

The software constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies