[Forgot Password]
Login  Register Subscribe

24003

 
 

131517

 
 

106904

 
 

909

 
 

84902

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

The product processes an XML document that can contain XML entities with URLs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

The software does not verify, or incorrectly verifies, the cryptographic signature for data.

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies