CAPEC Related Weakness
Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
CWE-209Information Exposure Through an Error Message
CWE-388
Fuzzing and observing application log data/errors for application mapping
CWE-209Information Exposure Through an Error Message
CWE-532Information Exposure Through Log Files
Padding Oracle Crypto Attack
CWE-209Information Exposure Through an Error Message
CWE-347Improper Verification of Cryptographic Signature
CWE-354Improper Validation of Integrity Check Value
CWE-514Covert Channel
CWE-649Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
CWE-696Incorrect Behavior Order
Probe Application Error Reporting
CWE-209Information Exposure Through an Error Message
CWE-248Uncaught Exception
CWE-717
Blind SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-209Information Exposure Through an Error Message
CWE-390Detection of Error Condition Without Action
CWE-697Insufficient Comparison
CWE-707Improper Enforcement of Message or Data Structure
CWE-713
Back to Top