Common Vulnerabilities
A reference guide to common security vulnerabilities and their mitigations.
SQL Injection (SQLi)
Injection of malicious SQL queries to manipulate backend databases.
CriticalCross-Site Scripting (XSS)
Injecting malicious scripts into web pages viewed by other users.
HighCSRF
Forcing an end user to execute unwanted actions on a web application.
HighRemote Code Execution (RCE)
Attacker can execute arbitrary code on the target server.
CriticalIDOR
Insecure Direct Object References allowing access to unauthorized data.
HighSSRF
Server-Side Request Forgery abusing server functionality to access internal resources.
HighLFI
Local File Inclusion allowing attackers to read internal files.
HighXXE
XML External Entity attack abusing XML parsers.
HighBroken Auth
Weaknesses in session management or credential handling.
Critical