| 1. | Improper input validation |
| 2. | Improper encoding or escaping of output |
| 3. | Failure to preserve SQL query structure (SQL injection) |
| 4. | Failure to preserve Web page structure (cross-site scripting) |
| 5. | Failure to preserve operating system command structure (OS command injection) |
| 6. | Cleartext transmission of sensitive information |
| 7. | Cross-site request forgery |
| 8. | Race condition |
| 9. | Error message information leak |
| 10. | Failure to constrain operations within the bounds of a memory buffer |
| 11. | External control of critical state data |
| 12. | External control of file name or path |
| 13. | Untrusted search path |
| 14. | Failure to control generation of code (code injection) |
| 15. | Download of code without integrity check |
| 16. | Improper resource shutdown or release |
| 17. | Improper initialization |
| 18. | Incorrect calculation |
| 19. | Porous defenses |
| 20. | Use of a broken or risky cryptographic algorithm |
| 21. | Hard-coded password |
| 22. | Insecure permission assignment for critical resource |
| 23. | Use of insufficiently random values |
| 24. | Execution with unnecessary privileges |
| 25. | Client-side enforcement of server-side security |
my channel
-
https://www.youtube.com/@sivakumarmsksiva
Website designer cum online promoter in India. My own Creatives, Clicks and
Collections https://www.instamojo.c...
No comments:
Post a Comment
plz visit tv-actors.blogspot.com