OWASP Top Ten 2007 Category A2 - Injection Flaws |
Category ID: 713 (Category) | Status: Incomplete |
Description Summary
Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2007.
Nature | Type | ID | Name | View(s) this relationship pertains to![]() |
---|---|---|---|---|
ParentOf | ![]() | 77 | Improper Sanitization of Special Elements used in a Command ('Command Injection') | Weaknesses in OWASP Top Ten (2007) (primary)629 |
ParentOf | ![]() | 89 | Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') | Weaknesses in OWASP Top Ten (2007) (primary)629 |
ParentOf | ![]() | 90 | Failure to Sanitize Data into LDAP Queries ('LDAP Injection') | Weaknesses in OWASP Top Ten (2007) (primary)629 |
ParentOf | ![]() | 91 | XML Injection (aka Blind XPath Injection) | Weaknesses in OWASP Top Ten (2007) (primary)629 |
ParentOf | ![]() | 93 | Failure to Sanitize CRLF Sequences ('CRLF Injection') | Weaknesses in OWASP Top Ten (2007) (primary)629 |
MemberOf | ![]() | 629 | Weaknesses in OWASP Top Ten (2007) | Weaknesses in OWASP Top Ten (2007) (primary)629 |
CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
7 | Blind SQL Injection | |
14 | Client-side Injection-induced Buffer Overflow | |
15 | Command Delimiters | |
23 | File System Function Injection, Content Based | |
93 | Log Injection-Tampering-Forging | |
88 | OS Command Injection | |
44 | Overflow Binary Resource File | |
101 | Server Side Include (SSI) Injection | |
66 | SQL Injection | |
75 | Manipulating Writeable Configuration Files | |
83 | XPath Injection | |
6 | Argument Injection | |
86 | Embedding Script (XSS ) in HTTP Headers | |
32 | Embedding Scripts in HTTP Query Strings | |
18 | Embedding Scripts in Nonscript Elements | |
19 | Embedding Scripts within Scripts | |
34 | HTTP Response Splitting | |
63 | Simple Script Injection | |
41 | Using Meta-characters in E-mail Headers to SecurityDatabase\Alert\Inject Malicious Payloads | |
81 | Web Logs Tampering | |
84 | XQuery Injection | |
91 | XSS in IMG Tags |