|Paid content will be excluded from the download.
| Matches : 909
|The software does not perform or incorrectly performs an
authorization check when an actor attempts to access a resource or perform an
The software does not properly verify that the source of data
or communication is valid.
The software stores or transmits sensitive data using an
encryption scheme that is theoretically sound, but is not strong enough for the
level of protection required.
The software does not perform any authentication for
functionality that requires a provable user identity or consumes a significant
amount of resources.
Weaknesses in this category are related to errors in the
management of cryptographic keys.
The use of a broken or risky cryptographic algorithm is an
unnecessary risk that may result in the exposure of sensitive
The software contains a mechanism for users to recover or
change their passwords without knowing the original password, but the mechanism
The software does not properly neutralize special elements that
are used in XML, allowing attackers to modify the syntax, content, or commands
of the XML before it is processed by an end system.
Weaknesses in this category can be used to access files outside
of a restricted directory (path traversal) or to perform operations on files
that would otherwise be restricted (path equivalence).
The software does not restrict or incorrectly restricts
operations within the boundaries of a resource that is accessed using an index
or pointer, such as memory or files.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies