Top Ten Web Application Vulnerabilities

OWASP's Top Ten Most Critical Web Application Vulnerabilities

  1. Unvalidated Input
  2. Broken Access Control
  3. Broken Authentication and Session Management
  4. Cross Site Scripting (XSS) Flaws
  5. Buffer Overflows
  6. Injection Flaws
  7. Improper Error Handling
  8. Insecure Storage
  9. Denial of Service
  10. Insecure Configuration Management

Comments

Post a Comment

Popular posts from this blog

Websites that track traffic in Indian cities

Image
Although currently not very accurate, there are websites that track traffic in Indian cities - * (7/Sept/2012 Update) Google Maps Live Traffic -  Google Maps has started offering live traffic information for major roads in six large Indian cities and their surrounding suburbs: Bengaluru, Mumbai, New Delhi, Chennai, Pune and Hyderabad. The Google Maps feature of showing “typical” traffic conditions for a particular day and time, based on historical data is interesting. The live traffic info does not currently appear to be accurate. I've been following their map along the route I take & though Google Maps shows there is congestion (represented in red) the road has been unusually traffic free. In comparison, MapMyIndia does a better job - *  Traffic.MapMyIndia.com  - Currently shows traffic conditions in Delhi, Mumbai & Bangalore MapMyIndia uses information gathered from vehicle tracking systems that it has deployed with call centres as an enterprise...
Read more

HOW TO dynamically generate a Word document with custom header & footer

Image
Way back in 2004, a project I was working on required a web page to be exported as a Word document (.DOC). Without relying on any components, I utilized the Office XML & HTML technique to implement this feature. I posted my sample on CodeProject to seek feedback. Over the years, I've received some generous comments & feature requests. Many wanted to know how to add a header & footer to the dynamically generated Word document. With the help of the Microsoft Office HTML and XML Reference , I devised a hack to add a lacklustre header and/or footer . Some folks wanted to customize the contents of the header & footer but when they tried with my hack that offered limited functionality, the header/footer text showed up in the document body to their annoyance. This July, an ingenious developer posted a hack that can overcome this problem, in the Comments section of my CodeProject article. His practical workaround was to pack the duplicating header/footer text inside a t...
Read more

Search all your ebooks with a keyword by putting them on Google Drive

Image
If you research a lot and have a large collection of ebooks, you can search within those books first  before hitting the Web to search from external resources. If you upload these ebooks onto Google Drive, it will index the content for you. So when you have to search with a keyword, instead of searching each ebook individually you can use the search box within Google Drive. Google Drive was able to fetch results for a specified keyword from an uploaded ebook, even though I didn't ask for it to "Convert text from PDF and image files to Google documents". The "Convert text from PDF and image files to Google documents" feature only works PDF files less than 10MB in size. I found it annoying that Google doesn't validate the file size immediately upon upload but rather accepts the upload & then informs that it cannot convert thereby wasting bandwidth.
Read more