Category WASC-03 - Integer Overflows - (336)

Category WASC-05 - Remote File Inclusion - (338)

Category WASC-06 - Format String - (339)

Category WASC-07 - Buffer Overflow - (340)

Category WASC-08 - Cross-Site Scripting - (341)

Category WASC-09 - Cross-Site Request Forgery - (342)

Category WASC-10 - Denial of Service - (343)

Category WASC-11 - Brute Force - (344)

Category WASC-12 - Content Spoofing - (345)

Category WASC-18 - Credential/Session Prediction - (351)

Category WASC-19 - SQL Injection - (352)

Category WASC-23 - XML Injection - (356)

Category WASC-24 - HTTP Request Splitting - (357)

Category WASC-25 - HTTP Response Splitting - (358)

Category WASC-26 - HTTP Request Smuggling - (359)

Category WASC-27 - HTTP Response Smuggling - (360)

Category WASC-28 - Null Byte Injection - (361)

Category WASC-29 - LDAP Injection - (362)

Category WASC-30 - Mail Command Injection - (363)

Category WASC-31 - OS Commanding - (364)

Category WASC-32 - Routing Detour - (365)

Category WASC-33 - Path Traversal - (366)

Category WASC-34 - Predictable Resource Location - (367)

Category WASC-35 - SOAP Array Abuse - (368)

Category WASC-36 - SSI Injection - (369)

Category WASC-37 - Session Fixation - (370)

Category WASC-38 - URL Redirector Abuse - (371)

Category WASC-39 - XPath Injection - (372)

Category WASC-41 - XML Attribute Blowup - (374)

Category WASC-42 - Abuse of Functionality - (375)

Category WASC-43 - XML External Entities - (376)

Category WASC-44 - XML Entity Expansion - (377)

Category WASC-45 - Fingerprinting - (378)

Category WASC-46 - XQuery Injection - (379)