search
LinkedInGithub
githubEdit

User inputs

APIchevron-rightArbitrary file downloadchevron-rightContent-Type jugglingchevron-rightCRLF injectionchevron-rightCSRF (Cross-Site Request Forgery)chevron-rightDirectory traversalchevron-rightHTTP parameter pollutionchevron-rightIDOR (Insecure Direct Object Reference)chevron-rightInsecure deserializationchevron-rightInsecure JSON Web Tokenschevron-rightNull-byte injectionchevron-rightORED Open redirectchevron-rightSQL injectionchevron-rightSSRF (Server-Side Request Forgery)chevron-rightSSTI (Server-Side Template Injection)chevron-rightUnrestricted file uploadchevron-rightXSS (Cross-Site Scripting)chevron-rightXXE injectionchevron-rightFile inclusionchevron-right
PreviousWeb Application Firewall (WAF)NextAPI

Last updated