CAPEC Related Weakness
Subverting Environment Variable Values
CWE-15External Control of System or Configuration Setting
CWE-20Improper Input Validation
CWE-73External Control of File Name or Path
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-200Information Exposure
CWE-285Improper Authorization
CWE-302Authentication Bypass by Assumed-Immutable Data
CWE-353Missing Support for Integrity Check
Client-side Injection-induced Buffer Overflow
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-118Improper Access of Indexable Resource ('Range Error')
CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-353Missing Support for Integrity Check
CWE-680
CWE-697Insufficient Comparison
CWE-713
Manipulating Opaque Client-based Data Tokens
CWE-233Improper Handling of Parameters
CWE-285Improper Authorization
CWE-302Authentication Bypass by Assumed-Immutable Data
CWE-315Cleartext Storage of Sensitive Information in a Cookie
CWE-353Missing Support for Integrity Check
CWE-384
CWE-472External Control of Assumed-Immutable Web Parameter
CWE-539Information Exposure Through Persistent Cookies
CWE-565Reliance on Cookies without Validation and Integrity Checking
Manipulating User State
CWE-315Cleartext Storage of Sensitive Information in a Cookie
CWE-353Missing Support for Integrity Check
CWE-371
CWE-372Incomplete Internal State Distinction
CWE-693Protection Mechanism Failure
Manipulating Writeable Configuration Files
CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-99Improper Control of Resource Identifiers ('Resource Injection')
CWE-346Origin Validation Error
CWE-349Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-353Missing Support for Integrity Check
CWE-354Improper Validation of Integrity Check Value
CWE-713
Back to Top