Weakness browsing - CVE-Search

CAPEC

Related Weakness

Web Logs Tampering

CWE-20	Improper Input Validation
CWE-75	Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CWE-93	Improper Neutralization of CRLF Sequences ('CRLF Injection')
CWE-96	Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-116	Improper Encoding or Escaping of Output
CWE-117	Improper Output Neutralization for Logs
CWE-150	Improper Neutralization of Escape, Meta, or Control Sequences
CWE-221	Information Loss or Omission
CWE-276	Incorrect Default Permissions
CWE-279	Incorrect Execution-Assigned Permissions
CWE-713	OWASP Top Ten 2007 Category A2 - Injection Flaws

Accessing Functionality Not Properly Constrained by ACLs

CWE-276	Incorrect Default Permissions
CWE-285	Improper Authorization
CWE-434	Unrestricted Upload of File with Dangerous Type
CWE-693	Protection Mechanism Failure
CWE-721	OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access
CWE-732	Incorrect Permission Assignment for Critical Resource

Directory Indexing

CWE-276	Incorrect Default Permissions
CWE-285	Improper Authorization
CWE-288	Authentication Bypass Using an Alternate Path or Channel
CWE-424	Improper Protection of Alternate Path
CWE-425	Direct Request ('Forced Browsing')
CWE-693	Protection Mechanism Failure
CWE-721	OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access
CWE-732	Incorrect Permission Assignment for Critical Resource

Back to Top