New vulnerabilities are reported daily, but these are the most famous nowadays.
These are:
1. Injection attacks :
SQL Injection
Blind SQL Injection
HTML Injection
Frame Source Injection
Command Injection
Javascript Injection
HTTP Parameter Pollution
Cascading Style Injection
Cookie Injection
Buffer Overflow
XML External Entity Injection
2. XSS Flaw and Vulnerability :
Reflected XSS
Stored XSS
DOM based XSS
XSS via HTTP headers
XSS via Cookie Injection
XSS via "INPUT" Get/Post
XSS against JSON
XSS via XML Injection
3. Broken Authentication and Session Management :
Cookie
Login
4. Insecure Direct Object references :
Cookie
Text File
Source Editor
Credits
Arbitrary File Inclusion
5. Cross Site Request Forgery [CSRF]
6. Security Misconfiguration :
Direct Browsing
Method Tampering "INPUT" Get/Post
7. Insecure Cryptographic Storage :
HTML 5 Storage
User Info
8. Failure to Restrict URL Access :
Source viewer
Robots.txt viewer
Arbitrary File Inclusion
"Secret" Administrative Pages
9. Insufficient Transport Layer Protection :
SSL Misconfiguration
10. Unvalidated Redirects and Forwards :
Setup reset DB
11. Other vulnerabilities and attacks :
Malicious file Execution
Information leakage and Improper Error handling
XML Entity Injection
Local file Inclusion
Remote File Inclusion
DDOS (Denial of Service)
Data Capture etc.