User inputs
Here are the articles in this section:
File inclusion
Unrestricted file upload
SQL injection
XSS (Cross-Site Scripting)
CSRF (Cross-Site Request Forgery)
SSRF (Server-Side Request Forgery)
IDOR (Insecure Direct Object Reference)
ORED Open redirect
Content-Type juggling
XXE injection
Insecure JSON Web Tokens
Insecure Cookies
HTTP response splitting
🛠️ HTTP parameter pollution
🛠️ SSTI (Server-Side Template Injection)
🛠️ Insecure deserialization
🛠️ CRLF injection
🛠️ Arbitrary file download
🛠️ Directory traversal
🛠️ Null-byte injection
Last modified 1yr ago