Using SQL Hotspots in a Prioritization Heuristic for Detecting All Types of Web Application Vulnerabilities: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
| Line 41: | Line 41: | ||
# http://cwe.mitre.org/top25/ | # http://cwe.mitre.org/top25/ | ||
# http://www.sans.org/critical-security-controls/#summary | # http://www.sans.org/critical-security-controls/#summary | ||
# SQL injection vulnerabilities occur when a lack of input validation could allow a user to force unintended system behavior by altering the logical structure of a SQL statement using SQL reserved words and special characters. | # ''SQL injection vulnerabilities'' occur when a lack of input validation could allow a user to force unintended system behavior by altering the logical structure of a SQL statement using SQL reserved words and special characters. | ||
# ''Error message vulnerabilities'' occur when the system does not correctly handle an exceptional condition, causing sensitive. | |||
# http://wordpress.org/ | |||
# http://wikkawiki.org/HomePage | |||
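Review bot: the added footnote defining ''Error message vulnerabilities'' stops at "causing sensitive." with no noun after "sensitive", so the definition never says what the mishandled exceptional condition exposes; finish the sentence before saving the revision. The two added footnotes after it are bare URLs (http://wordpress.org/ and http://wikkawiki.org/HomePage) with no accompanying text, unlike the two definition footnotes, so consider adding a short label to each to show what the citing text refers to.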