Vulnerability Knowledge Base
Security vulnerability encyclopedia with real code examples, detection guidance, and remediation steps. Each entry maps to a vulnerability Offensive360 SAST detects automatically.
Broken Access Control / IDOR
Severity: Critical. Broken access control and Insecure Direct Object Reference (IDOR) flaws let attackers access or modify resources they don't own. Learn detection patterns and secure authorization practices.
Broken Authentication
Severity: Critical. Broken Authentication encompasses flaws in authentication mechanisms that allow attackers to compromise passwords, session tokens, or exploit implementation flaws to assume other users' identities.
Clickjacking / UI Redress Attack
Severity: Medium. Clickjacking tricks users into clicking invisible iframe overlays to perform unintended actions. Learn how X-Frame-Options, Content Security Policy, and frame-busting prevent these attacks.
Cross-Site Request Forgery (CSRF)
Severity: High. CSRF tricks authenticated users into unknowingly submitting malicious requests. Learn how CSRF tokens, SameSite cookies, and origin validation prevent these attacks.
Cross-Site Scripting (XSS)
Severity: High. XSS occurs when applications include untrusted data in web pages without proper encoding, allowing attackers to execute malicious scripts in victims' browsers.
Hardcoded Credentials and Secrets
Severity: High. Hardcoded credentials occur when passwords, API keys, cryptographic keys, or other secrets are embedded directly in source code, configuration files, or build artifacts, making them accessible to anyone with code access.
HTTP Response Splitting
Severity: High. HTTP response splitting injects CRLF sequences into HTTP headers, allowing attackers to craft malicious responses, conduct cache poisoning, and perform cross-site scripting attacks.
Insecure Deserialization
Severity: High. Insecure Deserialization occurs when an application deserializes untrusted data without validation, potentially allowing attackers to execute arbitrary code, tamper with application logic, or perform denial-of-service attacks.
Insecure JWT Implementation
Severity: High. Flawed JWT implementations allow attackers to forge tokens, bypass authentication, and escalate privileges. Learn common JWT pitfalls including algorithm confusion, the "none" algorithm, and weak secrets.
Insecure Randomness
Severity: Medium. Using weak or predictable random number generators for security-sensitive values like tokens, session IDs, and OTPs allows attackers to predict or brute-force these values. Learn which APIs to use.
LDAP Injection
Severity: High. LDAP Injection allows attackers to manipulate directory queries, bypass authentication, and extract sensitive directory information. Learn how to detect and prevent it.
Log Injection / Log Forging
Severity: Medium. Log injection allows attackers to insert fake log entries or newline characters into application logs, obscuring malicious activity and potentially attacking log management systems downstream.
Mass Assignment
Severity: High. Mass assignment vulnerabilities allow attackers to set unintended model properties by submitting extra fields in HTTP requests, leading to privilege escalation and data tampering. Learn how to use DTOs and property allow-lists.
Missing Security Headers
Severity: Low. Missing HTTP security headers leave applications vulnerable to clickjacking, MIME sniffing, XSS, and information disclosure. Learn which headers are essential and how to configure them.
NoSQL Injection (MongoDB)
Severity: High. NoSQL injection attacks manipulate MongoDB and other NoSQL queries using operator injection, allowing authentication bypass and unauthorized data access. Learn detection and prevention.
Open Redirect
Severity: Medium. Open redirect vulnerabilities allow attackers to redirect users from a trusted site to a malicious URL, enabling phishing and credential harvesting. Learn detection and prevention.
OS Command Injection
Severity: Critical. OS Command Injection occurs when an application passes unsanitized user input to a system shell, allowing attackers to execute arbitrary commands on the host operating system. Learn how to detect and prevent command injection across languages.
Path Traversal
Severity: High. Path Traversal (Directory Traversal) allows attackers to access files outside the intended directory by manipulating file path inputs with sequences like "../". Learn how to detect and prevent path traversal across languages.
Prototype Pollution
Severity: High. Prototype pollution is a JavaScript vulnerability that allows attackers to inject properties into Object.prototype, affecting all objects in the application and potentially leading to RCE or privilege escalation.
Race Condition / TOCTOU
Severity: High. Race conditions occur when application behavior depends on the timing of concurrent operations. TOCTOU flaws allow attackers to exploit the gap between check and use, leading to privilege escalation, double-spending, and data corruption.
Sensitive Data Exposure in Logs
Severity: Medium. Logging sensitive data such as passwords, tokens, PII, and credit card numbers creates security and compliance risks when logs are stored, transmitted, or accessed by unauthorized parties.
Server-Side Request Forgery (SSRF)
Severity: High. Server-Side Request Forgery occurs when an attacker can make a server-side application send HTTP requests to an attacker-chosen destination, enabling access to internal services, cloud metadata, and internal networks.
Server-Side Template Injection (SSTI)
Severity: Critical. SSTI occurs when user input is embedded in server-side templates and evaluated as code, leading to remote code execution. Learn detection and prevention across Jinja2, Twig, Razor, and more.
SQL Injection (SQLi)
Severity: Critical. SQL Injection occurs when untrusted input is concatenated into SQL queries, allowing attackers to read, modify, or delete database contents. Learn how to detect and prevent SQLi across languages.
Unrestricted File Upload
Severity: High. Unrestricted file upload vulnerabilities allow attackers to upload malicious files that can lead to remote code execution, XSS, or server compromise. Learn validation and storage best practices.
Use of Broken or Weak Cryptographic Algorithms
Severity: Medium. Insecure cryptography occurs when applications use outdated, broken, or improperly configured cryptographic algorithms, making encrypted data vulnerable to decryption, tampering, or forgery.
Weak Password Hashing
Severity: High. Storing passwords with weak or fast hash algorithms (MD5, SHA-1, unsalted SHA-256) allows attackers to crack them rapidly after a database breach. Learn proper password hashing with bcrypt, Argon2, and PBKDF2.
XML External Entity (XXE) Injection
Severity: High. XML External Entity (XXE) injection occurs when an application parses XML input containing references to external entities, allowing attackers to read local files, perform SSRF, or cause denial of service.
XML Injection
Severity: Medium. XML injection allows attackers to insert malicious XML content into documents, leading to data corruption, access control bypass, and manipulation of XML-based application logic.
XPath Injection
Severity: High. XPath injection allows attackers to manipulate XML database queries to bypass authentication, extract unauthorized data, and enumerate XML document structure. Learn detection and secure parameterization.
Detect all of these in your code automatically
Offensive360 SAST scans your codebase for every vulnerability in this library — and hundreds more. Get a full security report in minutes.