Description: SQL Injection occurs when an attacker can manipulate SQL queries by injecting malicious input, potentially gaining unauthorized access or manipulating data.
Documentation: SQL Injection Testing
Description: XSS vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users, which can lead to data theft or unauthorized actions.
Documentation: Cross-Site Scripting (XSS)
Description: Broken Authentication vulnerabilities occur when authentication mechanisms are not properly implemented, potentially allowing unauthorized access to user accounts or sensitive data.
Documentation: Broken Authentication
Common Passwords List: Common Passwords
Description: Sensitive Data Exposure vulnerabilities occur when sensitive data is not adequately protected, potentially leading to data breaches or unauthorized access.
Documentation: Sensitive Data Exposure
Description: Broken Access Control vulnerabilities occur when users are able to access resources or perform actions that they should not be permitted to.
Documentation: Broken Access Control
Description: CSRF vulnerabilities occur when attackers trick users into performing unintended actions on a web application in which they are currently authenticated, potentially leading to unauthorized actions.
Documentation: Cross-Site Request Forgery (CSRF)
Description: Insecure Deserialization vulnerabilities occur when attackers exploit deserialization processes to execute arbitrary code or tamper with application logic.
Documentation: Insecure Deserialization
Description: Security Misconfiguration vulnerabilities occur when an application or server is not securely configured, potentially exposing it to various attacks.
Documentation: Security Misconfiguration