HomeclosedFAQRegisterLog in

Share | 
 

 Names of web vulnerabilities

Go down 
AuthorMessage
V1P3R
WhiteHat Support
WhiteHat Support
avatar

Posts : 76
White Hat Points : 202
White Hat Reputation : 10
Join date : 2013-07-30

PostSubject: Names of web vulnerabilities    Wed Aug 14, 2013 9:34 am

Code:
[*] Arbitrary File Deletion
[*] Code Execution Hacking(LFI,RFI,Iframe Injection, Remote Code Execution)
[*] Cookie Manipulation (Meta HTTP-EQUIV & CRLF Injection)
[*] CRLF Injection (HTTP response splitting & Headers Injection)
[*] Cross Frame Scripting ( XFS )
[*] Cross-Site Scripting ( XSS - Persistent, Non-Persistent, DOM Based)
[*] Directory traversal including shell uploading
[*] Email Injection
[*] File Inclusion (LFI,RFI with and without null byte)
[*] Full Path Disclosure
[*] LDAP Injection
[*] PHP code injection
[*] PHP curl_exec() url is controlled by user
[*] PHP invalid data type error message
[*] PHP preg_replace used on user input
[*] PHP unserialize() used on user input
[*] Remote XSL inclusion
[*] Script source code disclosure
[*] Server-Side Includes (SSI) Injection
[*] Structured Query Language Injection(SQL Injection)
[*] URL Redirection
[*] XPath Injection vulnerability
[*] EXIF
[*] Buffer Overflows
[*] Clickjacking
[*] Dangling Pointers
[*] Format String Attack
[*] FTP Bounce Attack
[*] Symlinking and Server Rooting
[*] Blind SQL injection (timing - Boolean Based)
[*] Blind SQL Injection (Blind SQL String Based and Double Query Blind Based)
[*] 8.3 DOS Filename Source Code Disclosure
[*] Search for Backup files
[*] Cross Site Scripting in URI
[*] PHP super-globals-overwrite
[*] Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)
[*] WebDAV (very vulnerable component of IIS servers)
[*] Application error message
[*] Check for common files
[*] Directory Listing
[*] Email address found
[*] Local path disclosure
[*] Possible sensitive files
[*] Microsoft Office possible sensitive information
[*] Possible internal IP address disclosure
[*] Possible server path disclosure (Unix and Windows)
[*] Possible username or password disclosure
[*] Sensitive data not encrypted
[*] Source code disclosure
[*] Cross-Site Request Forgery (CSRF)
[*]

_________________
Mess with the Best, Die like the Rest
Back to top Go down
 
Names of web vulnerabilities
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Home of Ethical White Hat Hackers :: White Hat Hackers Community :: Hacking & Security Tutorials-
Jump to: