|Paid content will be excluded from the download.
| Matches : 909
|The software does not restrict or incorrectly restricts
operations within the boundaries of a resource that is accessed using an index
or pointer, such as memory or files.
The software does not properly neutralize special elements that
are used in XML, allowing attackers to modify the syntax, content, or commands
of the XML before it is processed by an end system.
The software does not verify, or incorrectly verifies, the
cryptographic signature for data.
The software does not maintain or incorrectly maintains control
over a resource throughout its lifetime of creation, use, and
The software provides an Applications Programming Interface
(API) or similar interface for interaction with external actors, but the
interface includes a dangerous method or function that is not properly
An application uses a "blacklist" of prohibited values, but the
blacklist is incomplete.
The software receives data from an upstream component, but does
not neutralize or incorrectly neutralizes CR and LF characters before the data
is included in outgoing HTTP headers.
The product does not use or incorrectly uses a protection
mechanism that provides sufficient defense against directed attacks against the
The application does not sufficiently restrict access to a log
file that is used for debugging.
Files or directories are accessible in the environment that
should not be.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies