The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

The software does not properly verify that the source of data or communication is valid.

The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Weaknesses in this category are related to errors in the management of cryptographic keys.

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

The software does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

Weaknesses in this category can be used to access files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence).

The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.
