CAPEC Related Weakness
Padding Oracle Crypto Attack
CWE-209Information Exposure Through an Error Message
CWE-347Improper Verification of Cryptographic Signature
CWE-354Improper Validation of Integrity Check Value
CWE-514Covert Channel
CWE-649Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
CWE-696Incorrect Behavior Order
Manipulating Writeable Configuration Files
CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-99Improper Control of Resource Identifiers ('Resource Injection')
CWE-346Origin Validation Error
CWE-349Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-353Missing Support for Integrity Check
CWE-354Improper Validation of Integrity Check Value
CWE-713OWASP Top Ten 2007 Category A2 - Injection Flaws
Back to Top