sudoninja book
  • sudoninja book
  • About us
  • Security Area
    • Penetration Testing Methodologies
      • 7 Layer
    • How to Find CVE
      • TOP All bugbounty pentesting CVE
      • What is CVE
      • Where I try to find vulnerability and exploit
      • How to find vulnerability (approach).
      • How to Request CVE
      • My CVE
      • My submission on exploit DB
      • Write up and CVE
      • Published CVE on website
    • DAST/SAST
    • Penetration-Testing
      • Offensive-Resources
      • pentest tool
      • Mind map
    • Web Application Penetration Testing
      • Web Pentesting Methodology
      • Video
      • Cheat sheet
      • Book
      • Lab
      • Mind Map
      • Check list
      • Blog
      • Payload
      • Report
      • Tool
    • Network Penetration Testing
      • Checklist
    • Mobile Penetration testing
      • Mobile PT methology
      • APK Penetration Testing
      • Android PT
        • Methology
        • Github
        • video
        • Report
        • Tool
        • Mind Map
        • Payload
        • Cheat sheet
        • Check list
        • Lab
        • Book
        • Blog
      • iOS PT
        • Methology
        • Check list
        • Github
        • Lab
        • Book
        • Payload
        • Report
        • Mind Map
        • Blog
        • Tool
        • Video
      • Cheatsheet
      • Mind Map
    • Active Directory penetration testing
      • Methodology
      • Note
      • Checklist
      • Mind map
      • Cheatsheet
      • Tool
      • Note
      • Lab
      • Payload
    • API Penetration Testing
      • Methodology
      • Video
      • Book
      • Mind map
      • Lab
      • Checklist
      • Blog
      • Payload
      • Report
      • Tool
    • Source Code Review
      • Mindmap
      • Link
      • Blog
    • CTF
      • Practice
        • Youtube
        • CTF
    • IOT Penetration Testing
      • Methodology
      • Cheat sheet
      • Book
      • Mind Map
      • Check list
      • Blog
      • Video
      • Report
      • Tool
    • Red Teaming
      • Mind map
      • OSINT
      • Configure your own vulnerable CTF machine
    • Cloud Security
      • Google Cloud Platform
      • Azure
      • Report
      • AWS
      • Lab
    • Bug Bounty Hunting
      • Learning Engine for Bug Hunter
      • bug bounty tips
        • Book
        • Guide
      • Cheat sheet
      • Bugbounty writeup - medium / others
      • Hackerone Report
      • Recon map
      • Writeups
      • Bug bounty Platform
      • Tool
    • Thick Client Pentesting
    • Malware Analysis
    • DevSecOps
    • Wireless Penetration Testing
      • Note
      • Cheatsheet
  • Practice and improve skills
  • list of Vulnerabilities-1
    • 2FA/OTP Bypass
    • Account Takeover
    • Apache Log Poisoning through LFI
    • Broken Links
    • Bruteforcing
    • Business Logic Flaws
    • Broken Authentication & Session Management
    • Cross Site Scripting
    • Crawl/Fuzz
    • Content Security Policy (CSP)
    • CORS
    • CSRF
    • Clickjacking
    • CRLF
    • Command Injection
    • Client Side Template Injection (CSTI)
    • cookie
    • Cookies Hacking
    • Captcha Bypass
    • Dangling Markup - HTML scriptless injection
    • Deserialization
    • Directory Browsing
    • DNS Rebinding
    • Email Header Injection
    • Email attacks
    • File Inclusion/Path traversal
    • File Upload
    • Github Recon
    • Header injections
    • HTTP Request Smuggling
    • HTTP Parameter pollution
    • HTML Injection
    • HTTP Authentication
    • HTTP Protocol
    • IDOR
    • JWT Vulnerabilities (Json Web Tokens)
    • LDAP Injection
    • NoSQL injection
    • Open Redirect
    • Online hashes cracked
    • Race Condition
    • Ruby on Rails
    • Rate Limit Bypass
    • Pastejacking
    • Path Traversal
    • Password Reset
    • Prototype Pollution
    • SQL Injection
    • SSRF (Server Side Request Forgery)
    • SSTI (Server Side Template Injection)
    • Session fixation
    • Subdomain Takeover
    • S3 Bucket
    • Unicode Normalization vulnerability
    • XPATH injection
    • XSLT Server Side Injection
    • XXE - XML External Entity
    • XS-Search
    • Web Cache Deception
    • Web Sockets
    • Webshells
  • list of Vulnerabilities-2
    • Web Application Vulnerability 2022
  • Tool
    • sqlmap
      • Sql login bypass
    • Extra
    • Github
    • Search Engine for Hackers
    • Burp Extensions
    • Dorks
    • Python
    • one line script
      • more
  • Note
  • AWAE/OSWE
    • Cherry Tree
  • Burp Suite Certified Practitioner
    • Sql Injection
  • Pentesting Bible
  • Free Certification
  • Hack The Box
  • Bookmark
  • Report
  • Lab
    • MY Machine
  • Framework
    • OWASP guide
      • Map
      • OWASP Cheatsheet
  • CheatSheet
  • Mind Map
  • Certifications
  • Research Tool
  • Learn for Fun
    • Email spoofing
  • POST
    • Here are 24 websites to learn Linux for free:
    • 39 cybersecurity news resources
    • 30 cybersecurity search engines
    • 27 ways to learn ethical hacking for free
Powered by GitBook
On this page

Was this helpful?

list of Vulnerabilities-2

PreviousWebshellsNextWeb Application Vulnerability 2022

Last updated 4 years ago

Was this helpful?

Insufficient Session Invalidation
Content Spoofing
Weak Password Recovery
HTTP Response Splitting
Predictable Resource Location
Buffer Overflow
Application Misconfiguration
Insecure Indexing
Null Byte Injection
Insufficient Password Strength
Denial of Service
Information Leakage
Frameable Response
Insufficient Crossdomain
Persistent Session Cookie
Credential/Session Prediction
Improper Filesystem Permissions
Insufficient Password Recovery
URL Redirector Abuse
Insufficient Transport Layer
Mixed Content Security
Insufficient Password Aging
Personally Identifiable Information
Insufficient Anti-automation
Improper Input Handling
Integer Overflows
Routing Detour
XML Attribute Blowup
XQuery Injection
Insufficient User Session Invalidation
Insufficient Process Validation
Insufficient Authentication
Insufficient Session Expiration
Abuse of Functionality
Invalid HTTP Method Usage
Secured Cachable HTTP Messages
Non-HttpOnly Session Cookie
Improper Output Handling
Mail Command Injection
SOAP Array Abuse

Vulnerabilities - AcunetixAcunetix
Logo
list of Vulnerabilities