|Paid content will be excluded from the download.
| Matches : 909
|The software does not restrict or incorrectly restricts access
to a resource from an unauthorized actor.
The web application does not, or can not, sufficiently verify
whether a well-formed, valid, consistent request was intentionally provided by
the user who submitted the request.
The software constructs all or part of an SQL command using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
intended SQL command when it is sent to a downstream
Weaknesses in this category are related to the management of
permissions, privileges, and other security features that are used to perform
The software allows the attacker to upload or transfer files of
dangerous types that can be automatically processed within the product's
The product subtracts one value from another, such that the
result is less than the minimum allowable integer value, which produces a value
that is not equal to the correct result.
The product does not validate or incorrectly validates input
that can affect the control flow or data flow of a
A NULL pointer dereference occurs when the application
dereferences a pointer that it expects to be valid, but is NULL, typically
causing a crash or exit.
The software contains hard-coded credentials, such as a
password or cryptographic key, which it uses for its own inbound authentication,
outbound communication to external components, or encryption of internal
When an actor claims to have a given identity, the software
does not prove or insufficiently proves that the claim is
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies