Blind SQL Injection |
CWE-20
|
Improper Input Validation
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
CWE-209
|
Generation of Error Message Containing Sensitive Information
|
CWE-697
|
Incorrect Comparison
|
CWE-707
|
Improper Neutralization
|
CWE-713
|
OWASP Top Ten 2007 Category A2 - Injection Flaws
|
|
Padding Oracle Crypto Attack |
CWE-209
|
Generation of Error Message Containing Sensitive Information
|
CWE-347
|
Improper Verification of Cryptographic Signature
|
CWE-354
|
Improper Validation of Integrity Check Value
|
CWE-514
|
Covert Channel
|
CWE-649
|
Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
|
CWE-696
|
Incorrect Behavior Order
|
|
Fuzzing for application mapping |
CWE-209
|
Generation of Error Message Containing Sensitive Information
|
CWE-388
|
7PK - Errors
|
CWE-532
|
Insertion of Sensitive Information into Log File
|
|
Query System for Information |
CWE-209
|
Generation of Error Message Containing Sensitive Information
|
|