Matches: 909

The application relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere, when the information should be encrypted or otherwise protected.

The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

A capture-replay flaw exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

The application does not sufficiently restrict access to a log file that is used for debugging.

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.



© SecPod Technologies