Category
WASC-03 - Integer Overflows
-
(336)
Category
WASC-05 - Remote File Inclusion
-
(338)
Category
WASC-06 - Format String
-
(339)
Category
WASC-07 - Buffer Overflow
-
(340)
Category
WASC-08 - Cross-Site Scripting
-
(341)
Category
WASC-09 - Cross-Site Request Forgery
-
(342)
Category
WASC-10 - Denial of Service
-
(343)
Category
WASC-11 - Brute Force
-
(344)
Category
WASC-12 - Content Spoofing
-
(345)
Category
WASC-18 - Credential/Session Prediction
-
(351)
Category
WASC-19 - SQL Injection
-
(352)
Category
WASC-23 - XML Injection
-
(356)
Category
WASC-24 - HTTP Request Splitting
-
(357)
Category
WASC-25 - HTTP Response Splitting
-
(358)
Category
WASC-26 - HTTP Request Smuggling
-
(359)
Category
WASC-27 - HTTP Response Smuggling
-
(360)
Category
WASC-28 - Null Byte Injection
-
(361)
Category
WASC-29 - LDAP Injection
-
(362)
Category
WASC-30 - Mail Command Injection
-
(363)
Category
WASC-31 - OS Commanding
-
(364)
Category
WASC-32 - Routing Detour
-
(365)
Category
WASC-33 - Path Traversal
-
(366)
Category
WASC-34 - Predictable Resource Location
-
(367)
Category
WASC-35 - SOAP Array Abuse
-
(368)
Category
WASC-36 - SSI Injection
-
(369)
Category
WASC-37 - Session Fixation
-
(370)
Category
WASC-38 - URL Redirector Abuse
-
(371)
Category
WASC-39 - XPath Injection
-
(372)
Category
WASC-41 - XML Attribute Blowup
-
(374)
Category
WASC-42 - Abuse of Functionality
-
(375)
Category
WASC-43 - XML External Entities
-
(376)
Category
WASC-44 - XML Entity Expansion
-
(377)
Category
WASC-45 - Fingerprinting
-
(378)
Category
WASC-46 - XQuery Injection
-
(379)