The Hacktivists

28 Followers


May 24, 2022

HTTP Response Splitting [CWE-113] — The Hacktivists

HTTP Response Splitting weakness describes improper neutralization of CRLF sequences in HTTP headers.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

This weakness occurs when software accepts data from an upstream provider but does not neutralize or incorrectly neutralizes…

Application Security

3 min read



May 24, 2022

Buffer Errors [CWE-119] — The Hacktivists

Buffer Errors weakness describes improper restriction of operations within the bounds of a memory buffer.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

Buffer errors are common for software that performs operations on a memory buffer. Due to the…

Buffer Errors

5 min read



May 24, 2022

Improper Handling of Length Parameter Inconsistency [CWE-130] — The Hacktivists

Improper Handling of Length Parameter Inconsistency is a security weakness that describes improper handling of a length field for associated data.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

This weakness describes a situation when the length of attacker-controlled…

Bug Bounty

4 min read



May 24, 2022

Off-by-one Error [CWE-193] — The Hacktivists

Off-by-one error occurs when a program uses an improper maximum or minimum value that is one more or one less than the proper value.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

An off-by-one condition is a logic error…

Bug Bounty

3 min read



May 24, 2022

PHP File Inclusion [CWE-98] — The Hacktivists

PHP File Inclusion weakness describes improper control of filename within Include() or Require() statements in a PHP program.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Exploitation Examples 6. Severity and CVSS Scoring

1. Description

This weakness occurs when a PHP application receives input and…

Php File Inclusion

3 min read



May 24, 2022

Code Injection [CWE-94] — The Hacktivists

Code Injection weakness describes improper control of code generation.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Exploitation Examples 6. Severity and CVSS Scoring

1. Description

This weakness describes a situation where the software uses untrusted input to construct all or part of the code and does…

Code Injection

3 min read



May 24, 2022

XML Injection [CWE-91] — The Hacktivists

XML Injection weakness describes improper neutralization of special elements used in XML queries.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

A variety of popular software (Apache Tomcat, OpenOffice, Microsoft Office, IM Jabber, Zend Framework, IBM WebSphere) uses eXtensible…

Xml Injection

3 min read



May 24, 2022

LDAP Injection [CWE-90] — The Hacktivists

LDAP Injection weakness describes improper neutralization of special elements used in LDAP queries.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

This weakness describes a case where software does not properly validate external input before using it to construct…

Ldap Injection

3 min read



May 24, 2022

SQL Injection [CWE-89] — The Hacktivists

SQL Injection is a weakness that is caused by improper neutralization of special elements used in an SQL query.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Exploitation Examples 6. Severity and CVSS Scoring

1. Description

The basic form of SQL injection describes the direct…

Sql Injection

3 min read



Published in System Weakness · May 11, 2022

Improper Handling of Undefined Parameters [CWE-236] — The Hacktivists

Improper Handling of Undefined Parameters describes a case when an application uses an undefined parameter, field, or argument.

Table of Contents: 1. Description 2. Potential impact 3. Attack patterns 4. Affected software 5. Severity and CVSS Scoring

1. Description

This weakness occurs when software performs actions on parameters, fields, or arguments that…

Undefined Parameters

3 min read



Contact us for Information Security Services & Training https://thehacktivists.in/
