The following is an extensive library of security solutions, articles and guides that are meant to be helpful and informative resources on a range of Web vulnerability types, including, but not limited to, Cross-Site Scripting, SQL injection, CSRF injection (Read My Old Topic) and insufficient transport layer weaknesses.
- Web application vulnerabilities are some of the most common flaws leading to modern data breaches.
Application Vulnerabilities
Application Vulnerabilities are system flaws or weaknesses in an application that could be exploited to compromise the security of the application.
CRLF Injection
CRLF refers to the special character elements "carriage return" and "line feed." Exploits occur when an attacker is able to inject a CRLF sequence into an HTTP stream.
Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) is a malicious attack that tricks the user's Web browser into performing unwanted actions so that they appear as if an authorized user is performing those actions.
Cross-Site Scripting
Cross-site scripting (XSS) vulnerabilities target scripts embedded in a page that are executed on the client side (in the user's web browser) rather than on the server side.
Directory Traversal
Directory traversal is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files.
Failure to Restrict URL Access
Failure to Restrict URL Access is one of the common vulnerabilities listed on the Open Web Application Security Project's (OWASP) Top 10. The OWASP Top 10 details the most critical vulnerabilities in web applications.
Insecure Cryptographic Storage
Insecure Cryptographic Storage is a common vulnerability that occurs when sensitive data is not stored securely from internal users.
Insufficient Transport Layer Protection
Insufficient Transport Layer Protection is a security weakness caused by applications not taking any measures to protect network traffic.
LDAP Injection
LDAP injection is the technique of exploiting web applications that use client-supplied data in LDAP statements without first stripping potentially harmful characters from the request.
Malicious Code
Malicious Code Analysis tools are designed to uncover any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system.
SQL Injection
SQL injection is a type of web application security vulnerability in which an attacker is able to submit a database SQL command, which is executed by a web application, exposing the back-end database.