[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

An unused validation form indicates that validation logic is not up-to-date.

Every Action Form must have a corresponding validation form.

Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.

Debugging messages help attackers learn about the system and plan a form of attack.

Validation fields that do not appear in forms they are associated with indicate that the validation logic is out of date.

When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java.

The software accepts XML from an untrusted source but does not validate the XML against the proper schema.

The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.

The software misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies