| SQL Injection |
|
|
|
| Cross-site scripting |
|
|
|
| Cross-site request forgery (CSRF) |
|
|
|
| Clickjacking |
|
|
|
| DOM-based vulnerabilities |
|
|
|
| Cross-origin resource sharing (CORS) |
|
|
|
| XML external entity (XXE) injection |
|
|
|
| Server-side request forgery (SSRF) |
|
|
|
| HTTP request smuggling |
|
|
|
| OS command injection |
|
|
|
| Server-side template injection |
|
|
|
| Directory traversal |
|
|
|
| Access control vulnerabilities |
|
|
|
| Authentication |
|
|
|
| Web cache poisoning |
|
|
|
| Insecure deserialization |
|
|
|
| HTTP Host header attacks |
|
|
|
| OAuth authentication |
|
|
|
| File upload vulnerabilities |
|
|
|
| JWT |
|
|
|