Security Vulnerabilities

5.

Web Application Vulnerabilities

5.1.

Injection Vulnerabilities

5.1.1.

5.1.1.1.

Classic SQL Injection

5.1.1.2.

Blind SQL Injection

5.1.1.2.1.

Boolean-Based Blind SQLi

5.1.1.2.2.

Time-Based Blind SQLi

5.1.1.3.

Union-Based SQL Injection

5.1.1.4.

Error-Based SQL Injection

5.1.1.5.

Out-of-Band SQL Injection

5.1.1.6.

Second-Order SQL Injection

5.1.2.

NoSQL Injection

5.1.2.1.

MongoDB Injection

5.1.2.2.

CouchDB Injection

5.1.2.3.

Cassandra Injection

5.1.3.

Command Injection

5.1.3.1.

OS Command Injection

5.1.3.2.

Shell Command Injection

5.1.3.3.

PowerShell Injection

5.1.4.

5.1.5.

XPath Injection

5.1.6.

XML External Entity (XXE) Injection

5.1.6.1.

5.1.6.2.

5.1.6.3.

XXE via File Upload

5.1.6.4.

XXE via Modified Content Type

5.1.7.

Template Injection

5.1.7.1.

Server-Side Template Injection (SSTI)

5.1.7.2.

Client-Side Template Injection

5.1.8.

Expression Language Injection

5.1.9.

5.2.

Cross-Site Scripting (XSS)

5.2.1.

5.2.1.1.

Database-Stored XSS

5.2.1.2.

File-Stored XSS

5.2.1.3.

DOM Storage XSS

5.2.2.

5.2.2.1.

URL Parameter XSS

5.2.2.2.

5.2.2.3.

HTTP Header XSS

5.2.3.

5.2.3.1.

Source-to-Sink Analysis

5.2.3.2.

DOM Manipulation XSS

5.2.4.

5.2.5.

5.2.6.

XSS Prevention Techniques

5.3.

Authentication and Session Management Flaws

5.3.1.

Weak Authentication Mechanisms

5.3.1.1.

Weak Password Policies

5.3.1.2.

Credential Stuffing Vulnerabilities

5.3.1.3.

Brute Force Vulnerabilities

5.3.1.4.

Dictionary Attack Vulnerabilities

5.3.2.

Session Management Issues

5.3.2.1.

Session Fixation

5.3.2.2.

Session Hijacking

5.3.2.3.

Insecure Session Storage

5.3.2.4.

Session Timeout Issues

5.3.2.5.

Cross-Site Session Transfer

5.3.3.

Multi-Factor Authentication Bypasses

5.3.4.

Password Reset Vulnerabilities

5.3.5.

Account Lockout Bypasses

5.4.

Broken Access Control

5.4.1.

Insecure Direct Object References (IDOR)

5.4.2.

5.4.2.1.

Directory Traversal

5.4.2.2.

File Inclusion Vulnerabilities

5.4.2.2.1.

Local File Inclusion (LFI)

5.4.2.2.2.

Remote File Inclusion (RFI)

5.4.3.

Missing Function-Level Access Control

5.4.4.

Missing Method-Level Access Control

5.4.5.

Privilege Escalation

5.4.6.

Forced Browsing

5.4.7.

Parameter Tampering

5.5.

Security Misconfiguration

5.5.1.

Default Credentials

5.5.2.

Unnecessary Features Enabled

5.5.2.1.

Debug Interfaces

5.5.2.2.

Administrative Interfaces

5.5.2.3.

Sample Applications

5.5.2.4.

Default Accounts

5.5.3.

Verbose Error Messages

5.5.4.

Missing Security Headers

5.5.4.1.

HTTP Strict Transport Security (HSTS)

5.5.4.2.

Content Security Policy (CSP)

5.5.4.3.

X-Frame-Options

5.5.4.4.

X-Content-Type-Options

5.5.4.5.

X-XSS-Protection

5.5.5.

Insecure HTTP Methods

5.5.6.

Directory Listing Enabled

5.6.

Sensitive Data Exposure

5.6.1.

Encryption Weaknesses

5.6.1.1.

Unencrypted Data in Transit

5.6.1.2.

Unencrypted Data at Rest

5.6.1.3.

Weak Cryptographic Algorithms

5.6.1.4.

Insufficient Key Length

5.6.2.

Key Management Issues

5.6.2.1.

Hardcoded Cryptographic Keys

5.6.2.2.

Poor Key Storage

5.6.2.3.

Weak Key Generation

5.6.2.4.

5.6.3.

Data Leakage Scenarios

5.6.3.1.

URL Parameter Exposure

5.6.3.2.

Log File Exposure

5.6.3.3.

Error Message Disclosure

5.6.3.4.

Backup File Exposure

5.7.

Cross-Site Request Forgery (CSRF)

5.7.1.

CSRF Attack Mechanics

5.7.2.

5.7.3.

POST-Based CSRF

5.7.4.

JSON-Based CSRF

5.7.5.

CSRF Prevention Methods

5.7.5.1.

Anti-CSRF Tokens

5.7.5.2.

SameSite Cookie Attribute

5.7.5.3.

Referer Header Validation

5.8.

Insecure Deserialization

5.8.1.

Object Deserialization Attacks

5.8.2.

Remote Code Execution via Deserialization

5.8.3.

Data Tampering via Deserialization

5.8.4.

Denial of Service via Deserialization

5.8.5.

Language-Specific Deserialization Issues

5.9.

Server-Side Request Forgery (SSRF)

5.9.1.

Internal Network Access

5.9.2.

Cloud Metadata API Attacks

5.9.3.

Port Scanning via SSRF

5.9.4.

Protocol Smuggling

5.9.5.

5.10.

Using Components with Known Vulnerabilities

5.10.1.

Outdated Libraries

5.10.2.

Vulnerable Frameworks

5.10.3.

Dependency Confusion

5.10.4.

Supply Chain Attacks

5.10.5.

Component Inventory Management

5.11.

Insufficient Logging and Monitoring

5.11.1.

Missing Security Event Logging

5.11.2.

Inadequate Log Retention

5.11.3.

Poor Log Analysis

5.11.4.

Missing Real-Time Monitoring

5.11.5.

Insufficient Alerting Mechanisms

Previous

4. Vulnerability Categories by Impact

Go to top

Next

6. Software and Memory Vulnerabilities