V1P3R WhiteHat Support


Subject: Names of web vulnerabilities
Wed Aug 14, 2013 9:34 am

Code:
[*] Arbitrary File Deletion
[*] Code Execution Hacking (LFI, RFI, Iframe Injection, Remote Code Execution)
[*] Cookie Manipulation (Meta HTTP-EQUIV & CRLF Injection)
[*] CRLF Injection (HTTP response splitting & Headers Injection)
[*] Cross Frame Scripting (XFS)
[*] Cross-Site Scripting (XSS - Persistent, Non-Persistent, DOM Based)
[*] Directory traversal including shell uploading
[*] Email Injection
[*] File Inclusion (LFI, RFI with and without null byte)
[*] Full Path Disclosure
[*] LDAP Injection
[*] PHP code injection
[*] PHP curl_exec() url is controlled by user
[*] PHP invalid data type error message
[*] PHP preg_replace used on user input
[*] PHP unserialize() used on user input
[*] Remote XSL inclusion
[*] Script source code disclosure
[*] Server-Side Includes (SSI) Injection
[*] Structured Query Language Injection (SQL Injection)
[*] URL Redirection
[*] XPath Injection vulnerability
[*] EXIF
[*] Buffer Overflows
[*] Clickjacking
[*] Dangling Pointers
[*] Format String Attack
[*] FTP Bounce Attack
[*] Symlinking and Server Rooting
[*] Blind SQL injection (timing - Boolean Based)
[*] Blind SQL Injection (Blind SQL String Based and Double Query Blind Based)
[*] 8.3 DOS Filename Source Code Disclosure
[*] Search for Backup files
[*] Cross Site Scripting in URI
[*] PHP super-globals-overwrite
[*] Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)
[*] WebDAV (very vulnerable component of IIS servers)
[*] Application error message
[*] Check for common files
[*] Directory Listing
[*] Email address found
[*] Local path disclosure
[*] Possible sensitive files
[*] Microsoft Office possible sensitive information
[*] Possible internal IP address disclosure
[*] Possible server path disclosure (Unix and Windows)
[*] Possible username or password disclosure
[*] Sensitive data not encrypted
[*] Source code disclosure
[*] Cross-Site Request Forgery (CSRF)
_________________
Mess with the Best, Die like the Rest