Improper Input validation
1.Command Injection.
2.SQL Injection.
3.Cross side scripting.
4.Insecure file upload
5.Buffer Overflow.
Improper Access Control
1.Broken access control.
2.Improper session management.
3.identification and authentication failures.
4.Cross-Site Request Forgery (CSRF).
5.Server-Side Request Forgery.
Security Misconfiguration.
1.Missing platform specific security.
2.Cryptographic failures.
3.Vulnerable and outdated components.
4.Misconfigured SSL/TLS
5.Misconfigured security headers.
* CORS.
* Cache-control directives
* Content Security Policy.
Information Disclosure.
1.Improper error & exception handling.
2.Directory listing.
3.Insecure configurations and settings.
4.Sensitive data exposure.
Top comments (0)