Absolute Path Traversal

Description: If a product expects a filename as input, it is possible that it can construct an absolute path such as...

Account lockout attack

Description: In an account lockout attack, the attacker attempts to lock out all user accounts, typically by failing login...

Cache Poisoning

Description: The impact of a maliciously constructed response can be magnified if it is cached either by a web cache used by...

Cross-User Defacement

Description: An attacker can make a single request to a vulnerable server that will cause the server to create two responses,...

Mobile code: invoking untrusted mobile code

Description: This attack consists of manipulating mobile code in order to execute malicious...

Mobile code: non-final public field

Description: This attack aims to manipulate non-final public variables used in mobile code by injecting...

Mobile code: object hijack

Description: This attack consists in a technique to create objects without constructors’ methods by taking...