AppSec Blog

Top 25 Series - Summary and Links

As requested, here are the links to all the posts on the Top 25 Most Dangerous Programming Errors. Please let us know if you have any suggestions or comments.

1 - Cross-Site Scripting (XSS)
2 - SQL Injection
3 - Classic Buffer Overflow
4 - Cross-Site Request Forgery (CSRF)
5 - Improper Access Control (Authorization)
6 - Reliance on Untrusted Inputs in a Security Decision
7 - Path Traversal
8 - Unrestricted Upload of Dangerous File Type
9 - OS Command Injection
10 - Missing Encryption of Sensitive Data
11 - Hardcoded Credentials
12 - Buffer Access with Incorrect Length Value
13 - PHP File Inclusion
14 - Improper Validation of Array Index
15 - Improper Check for Unusual or Exceptional Conditions
16 - Information Exposure Through an Error Message
17 - Integer Overflow Or Wraparound
18 - Incorrect Calculation of Buffer Size
19 - Missing Authentication for Critical Function
20 - Download of Code Without Integrity Check
21 - Incorrect Permission Assignment for Critical Response
22 - Allocation of Resources Without Limits or Throttling
23 - Open Redirect
24 - Use of a Broken or Risky Cryptographic Algorithm
25 - Race Conditions

1 Comment

Posted June 21, 2010 at 11:46 AM

kandi

Good one. This post will definitely help while programming and also when we debug the whole program.
