[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

An unused validation form indicates that validation logic is not up-to-date.

Every Action Form must have a corresponding validation form.

Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.

Debugging messages help attackers learn about the system and plan a form of attack.

Validation fields that do not appear in forms they are associated with indicate that the validation logic is out of date.

When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java.

The software accepts XML from an untrusted source but does not validate the XML against the proper schema.

The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.

The software misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies