
The product uses a blacklist-based protection mechanism to defend against XSS attacks, but the blacklist is incomplete, allowing XSS variants to succeed.

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

The product uses multiple resources that can have the same identifier, in a context in which unique identifiers are required. This could lead to operations on the wrong resource, or inconsistent operations.

The software uses low-level functionality that is explicitly prohibited by the framework or specification under which the software is supposed to operate.

The software performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.

The software compares two entities in a security-relevant context, but the comparison is insufficient, which may lead to resultant weaknesses.

The web application sends a redirect to another location, but instead of exiting, it executes additional code.

This view organizes weaknesses around concepts that are frequently used or encountered in software development. Accordingly, this view can align closely with the perspectives of developers, educators, and assessment vendors. It borrows heavily from the organizational structure used by Seven Pernicious Kingdoms, but it also provides a variety of other categories that are intende ...

The default error page of a web application should not display sensitive information about the software system.

Weaknesses in this category are related to improper handling of virtual files within Mac-based operating systems.



© SecPod Technologies