HTTP Response Splitting [CWE-113] — The HacktivistsHTTP Response Splitting weakness describes improper neutralization of CRLF sequences in HTTP headers.May 24, 2022May 24, 2022
Buffer Errors [CWE-119] — The HacktivistsBuffer Errors weakness describes improper restriction of operations within the bounds of a memory buffer.May 24, 2022May 24, 2022
Improper Handling of Length Parameter Inconsistency [CWE-130] — The HacktivistsImproper Handling of Length Parameter Inconsistency is a security weakness that describes improper handling of a length field for…May 24, 2022May 24, 2022
Off-by-one Error [CWE-193] — The HacktivistsOff-by-one error occurs when a program uses an improper maximum or minimum value that is one more or one less than the proper value.May 24, 2022May 24, 2022
PHP File Inclusion [CWE-98] — The HacktivistsPHP File Inclusion weakness describes improper control of filename within Include() or Require() statements in a PHP program.May 24, 2022May 24, 2022
Code Injection [CWE-94] — The HacktivistsCode Injection weakness describes improper control of code generation.May 24, 2022May 24, 2022
XML Injection [CWE-91] — The HacktivistsXML Injection weakness describes improper neutralization of special elements used in XML queries.May 24, 2022May 24, 2022
LDAP Injection [CWE-90] — The HacktivistsLDAP Injection weakness describes improper neutralization of special elements used in LDAP queries.May 24, 2022May 24, 2022
SQL Injection [CWE-89] — The HacktivistsSQL Injection is a weakness that is caused by improper neutralization of special elements used in an SQL query.May 24, 2022May 24, 2022
Published inSystem WeaknessImproper Handling of Undefined Parameters [CWE-236] — The HacktivistsImproper Handling of Undefined Parameters describes a case when an application uses an undefined parameter, field, or argument.May 11, 2022May 11, 2022
Incorrect Default Permissions [CWE-276] — The HacktivistsIncorrect Default Permissions weakness describes a case where software sets insecure permissions to objects on a system.May 11, 2022May 11, 2022
Improper Access Control [CWE-284] — The HacktivistsImproper Access Control weakness describes a failure in the AAA security model.May 11, 2022May 11, 2022
Session Fixation [CWE-384] — The HacktivistsSession Fixation weakness describes a case where an application incorrectly handles session identifiers when establishing new sessions.May 11, 2022May 11, 2022
Cross-Site Scripting — XSS [CWE-79] — The HacktivistsCross-Site scripting or XSS is a weakness that is caused by improper neutralization of input during web page generation.May 11, 2022May 11, 2022
Improper Authentication [CWE-287] — The HacktivistsImproper Authentication weakness describes improper mechanisms of user’s identity verification.Mar 19, 2021Mar 19, 2021
Improper Authorization [CWE-285] — The HacktivistsImproper Authorization weakness describes improper mechanisms of user’s authorization.Mar 18, 2021Mar 18, 2021
Improper Validation of Certificate with Host Mismatch [CWE-297] — The HacktivistsThis weakness describes Improper Validation of Certificate with Host Mismatch.Mar 18, 2021Mar 18, 2021
Missing Authentication for Critical Function [CWE-306] — The HacktivistsThis weakness describes Missing Authentication for Critical Function.Mar 17, 2021Mar 17, 2021
Cleartext Storage of Sensitive Information [CWE-312] — The HacktivistsCleartext Storage of Sensitive Information weakness describes a case where sensitive information is stored in clear text in location…Mar 17, 2021Mar 17, 2021
Unrestricted Upload of File with Dangerous Type [CWE-434]— The HacktivistsArbitrary file upload weakness describes improper or absent validation of file types when uploading files.Mar 16, 2021Mar 16, 2021
![Improper Handling of Length Parameter Inconsistency [CWE-130] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/0*EI90BYFcUhXBe9FY.png)
![Improper Handling of Length Parameter Inconsistency [CWE-130] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/0*EI90BYFcUhXBe9FY.png)
![PHP File Inclusion [CWE-98] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/0*x2zr67IDrUvGvJZ-.png)
![PHP File Inclusion [CWE-98] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/0*x2zr67IDrUvGvJZ-.png)
![Code Injection [CWE-94] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/0*sDtB_qbvGqSa10fR.png)
![Code Injection [CWE-94] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/0*sDtB_qbvGqSa10fR.png)
![SQL Injection [CWE-89] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/0*N6OartaWS9oRxE7y.png)
![SQL Injection [CWE-89] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/0*N6OartaWS9oRxE7y.png)
![Improper Handling of Undefined Parameters [CWE-236] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/0*TT_hBbfjjM5GEPsz.png)
![Improper Handling of Undefined Parameters [CWE-236] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/0*TT_hBbfjjM5GEPsz.png)
![Incorrect Default Permissions [CWE-276] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*znGFNVoGDlIEtEqZvkxqBQ.jpeg)
![Incorrect Default Permissions [CWE-276] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*znGFNVoGDlIEtEqZvkxqBQ.jpeg)
![Improper Access Control [CWE-284] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*RebgavK38qURAdz6Oy6KJg.jpeg)
![Improper Access Control [CWE-284] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*RebgavK38qURAdz6Oy6KJg.jpeg)
![Session Fixation [CWE-384] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*gNC78b9IKziShaLOL39IFA.jpeg)
![Session Fixation [CWE-384] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*gNC78b9IKziShaLOL39IFA.jpeg)
![Cross-Site Scripting — XSS [CWE-79] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/0*nvnwmgdCkiT4gPoc.png)
![Cross-Site Scripting — XSS [CWE-79] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/0*nvnwmgdCkiT4gPoc.png)
![Improper Authentication [CWE-287] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*EQEzXTb4LiUBQJjkjRMr8A.jpeg)
![Improper Authentication [CWE-287] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*EQEzXTb4LiUBQJjkjRMr8A.jpeg)
![Improper Authorization [CWE-285] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*hgn_xBLQaS80kqOpoP6szA.jpeg)
![Improper Authorization [CWE-285] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*hgn_xBLQaS80kqOpoP6szA.jpeg)
![Improper Validation of Certificate with Host Mismatch [CWE-297] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*hBSdI9gnASVAyxwlNxbGkw.jpeg)
![Improper Validation of Certificate with Host Mismatch [CWE-297] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*hBSdI9gnASVAyxwlNxbGkw.jpeg)
![Missing Authentication for Critical Function [CWE-306] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*3eeXpToVQL_m-ZjUl3E4nw.jpeg)
![Missing Authentication for Critical Function [CWE-306] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*3eeXpToVQL_m-ZjUl3E4nw.jpeg)
![Cleartext Storage of Sensitive Information [CWE-312] — The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*2Do50D5-BR61Gxsuc94VfQ.jpeg)
![Cleartext Storage of Sensitive Information [CWE-312] — The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*2Do50D5-BR61Gxsuc94VfQ.jpeg)
![Unrestricted Upload of File with Dangerous Type [CWE-434]— The Hacktivists](https://miro.medium.com/v2/resize:fill:80:53/1*cdEkrQkfLVJVH52hieWwoA.jpeg)
![Unrestricted Upload of File with Dangerous Type [CWE-434]— The Hacktivists](https://miro.medium.com/v2/resize:fill:160:107/1*cdEkrQkfLVJVH52hieWwoA.jpeg)
