Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection").
Buffer Copy without Checking the Size of Input ("Classic Buffer Overflow").
Missing Authentication for Critical Function.
Missing or Incorrect Authorization.
Use of Hard-coded Credentials.
Missing Encryption of Sensitive Data.
Unrestricted Upload of File with Dangerous Type.
Reliance on Untrusted Inputs in a Security Decision.
Execution with Unnecessary Privileges.
Cross-Site Request Forgery (CSRF).
Download of Code Without Integrity Check.
Incorrect Calculation of Buffer Size.
Improper Restriction of Excessive Authentication Attempts.
URL Redirection to Untrusted Site ("Open Redirect").
Uncontrolled Format String.
Use of a One-Way Hash without a Salt.