CAPEC Related Weakness
Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
CWE-209Generation of Error Message Containing Sensitive Information
CWE-3887PK - Errors
Fuzzing and observing application log data/errors for application mapping
CWE-209Generation of Error Message Containing Sensitive Information
CWE-532Insertion of Sensitive Information into Log File
Padding Oracle Crypto Attack
CWE-209Generation of Error Message Containing Sensitive Information
CWE-347Improper Verification of Cryptographic Signature
CWE-354Improper Validation of Integrity Check Value
CWE-514Covert Channel
CWE-649Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
CWE-696Incorrect Behavior Order
Query System for Information
CWE-209Generation of Error Message Containing Sensitive Information
Blind SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-209Generation of Error Message Containing Sensitive Information
CWE-697Incorrect Comparison
CWE-707Improper Neutralization
CWE-713OWASP Top Ten 2007 Category A2 - Injection Flaws
Back to Top