ASD Cyber Security - Complete Vulnerabilities Database

#001

Account Lockout Policy Not Implemented

Authentication

Low

CVSS: 6.5/10

Attack Pattern

In this vulnerability, an attacker can repeatedly attempt to guess usernames and passwords without facing any restrictions or account lockouts.

Impact

Attackers can perform unlimited brute-force or credential-stuffing attacks, leading to unauthorized access. Weak passwords are easily guessed, increasing account takeover risks.

Recommendation

Enforce account lockout after 5-10 failed attempts (temporary lockout or CAPTCHA). Monitor and log failed logins. Implement MFA for sensitive accounts. Use rate-limiting to prevent automation.

Tools Used

Hydra Burp Suite Intruder Medusa

CWE-307 OWASP Account Lockout Cheat Sheet

#002

Sensitive Data in URL (GET)

Information Disclosure

Medium

CVSS: 7.5/10

Attack Pattern

When sensitive information is passed in URL query parameters, it becomes logged in browser history, server logs, and third-party analytics tools.

Impact

GET requests expose credentials/tokens in browser history, logs, or proxies. Attackers can steal data via MITM, caching, or indexed URLs.

Recommendation

Use POST requests for sensitive data. Encrypt all data with HTTPS (TLS 1.2+). Disable URL caching. Store session tokens in secure cookies only.

Tools Used

Browser URL Bar Burp Suite Developer Tools

CWE-598 OWASP Transport Layer Protection

#003

Anti-CSRF Token Missing

CSRF

Informative

CVSS: 6.8/10

Attack Pattern

Applications that allow state-changing operations without using unpredictable and user-specific CSRF tokens are vulnerable.

Impact

Attackers forge requests (e.g., fund transfers) using a victim's active session. Browsers automatically send cookies, enabling unauthorized actions.

Recommendation

Generate unique CSRF tokens per session. Validate tokens server-side for state-changing requests. Use SameSite cookie attributes.

Tools Used

Burp Suite (Proxy + Repeater) Manual HTML Inspection

CWE-352 OWASP CSRF Prevention

#026

Vulnerability 26 - XSS

Injection

Informative

CVSS: 3.4/10

Attack Pattern

Attack pattern description for vulnerability 26

Impact

Potential impact description for vulnerability 26. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-414 OWASP Reference Guide

#027

Vulnerability 27 - CSRF

CSRF

Low

CVSS: 7.1/10

Attack Pattern

Attack pattern description for vulnerability 27

Impact

Potential impact description for vulnerability 27. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-630 OWASP Reference Guide

#028

Vulnerability 28 - LFI

Access Control

High

CVSS: 5/10

Attack Pattern

Attack pattern description for vulnerability 28

Impact

Potential impact description for vulnerability 28. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-613 OWASP Reference Guide

#029

Vulnerability 29 - SQL Injection

Cryptography

Medium

CVSS: 4.5/10

Attack Pattern

Attack pattern description for vulnerability 29

Impact

Potential impact description for vulnerability 29. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-308 OWASP Reference Guide

#030

Vulnerability 30 - SQL Injection

File Upload

Low

CVSS: 8/10

Attack Pattern

Attack pattern description for vulnerability 30

Impact

Potential impact description for vulnerability 30. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-977 OWASP Reference Guide

#031

Vulnerability 31 - RCE

Configuration

Low

CVSS: 3.4/10

Attack Pattern

Attack pattern description for vulnerability 31

Impact

Potential impact description for vulnerability 31. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-208 OWASP Reference Guide

#032

Vulnerability 32 - CSRF

CSRF

Medium

CVSS: 4.7/10

Attack Pattern

Attack pattern description for vulnerability 32

Impact

Potential impact description for vulnerability 32. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-330 OWASP Reference Guide

#033

Vulnerability 33 - XSS

Configuration

Informative

CVSS: 3.7/10

Attack Pattern

Attack pattern description for vulnerability 33

Impact

Potential impact description for vulnerability 33. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-832 OWASP Reference Guide

#034

Vulnerability 34 - LFI

File Upload

Informative

CVSS: 9.2/10

Attack Pattern

Attack pattern description for vulnerability 34

Impact

Potential impact description for vulnerability 34. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-491 OWASP Reference Guide

#035

Vulnerability 35 - SQL Injection

Session Management

Low

CVSS: 6.1/10

Attack Pattern

Attack pattern description for vulnerability 35

Impact

Potential impact description for vulnerability 35. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-861 OWASP Reference Guide

#036

Vulnerability 36 - CSRF

File Upload

Low

CVSS: 8.3/10

Attack Pattern

Attack pattern description for vulnerability 36

Impact

Potential impact description for vulnerability 36. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-824 OWASP Reference Guide

#037

Vulnerability 37 - SSRF

Authentication

Critical

CVSS: 5.6/10

Attack Pattern

Attack pattern description for vulnerability 37

Impact

Potential impact description for vulnerability 37. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-302 OWASP Reference Guide

#038

Vulnerability 38 - XSS

Session Management

Informative

CVSS: 3.8/10

Attack Pattern

Attack pattern description for vulnerability 38

Impact

Potential impact description for vulnerability 38. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-521 OWASP Reference Guide

#039

Vulnerability 39 - LFI

File Upload

Informative

CVSS: 7.8/10

Attack Pattern

Attack pattern description for vulnerability 39

Impact

Potential impact description for vulnerability 39. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-802 OWASP Reference Guide

#040

Vulnerability 40 - RCE

Access Control

Low

CVSS: 7.4/10

Attack Pattern

Attack pattern description for vulnerability 40

Impact

Potential impact description for vulnerability 40. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-130 OWASP Reference Guide

#041

Vulnerability 41 - SQL Injection

CSRF

High

CVSS: 5.8/10

Attack Pattern

Attack pattern description for vulnerability 41

Impact

Potential impact description for vulnerability 41. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-591 OWASP Reference Guide

#042

Vulnerability 42 - RFI

Injection

Medium

CVSS: 5.8/10

Attack Pattern

Attack pattern description for vulnerability 42

Impact

Potential impact description for vulnerability 42. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-309 OWASP Reference Guide

#043

Vulnerability 43 - LFI

Information Disclosure

High

CVSS: 7.6/10

Attack Pattern

Attack pattern description for vulnerability 43

Impact

Potential impact description for vulnerability 43. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-628 OWASP Reference Guide

#044

Vulnerability 44 - LFI

Configuration

Low

CVSS: 6/10

Attack Pattern

Attack pattern description for vulnerability 44

Impact

Potential impact description for vulnerability 44. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-308 OWASP Reference Guide

#045

Vulnerability 45 - XXE

Information Disclosure

Medium

CVSS: 6.8/10

Attack Pattern

Attack pattern description for vulnerability 45

Impact

Potential impact description for vulnerability 45. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-593 OWASP Reference Guide

#046

Vulnerability 46 - XSS

Information Disclosure

Low

CVSS: 7.4/10

Attack Pattern

Attack pattern description for vulnerability 46

Impact

Potential impact description for vulnerability 46. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-404 OWASP Reference Guide

#047

Vulnerability 47 - SSRF

File Upload

Medium

CVSS: 7.1/10

Attack Pattern

Attack pattern description for vulnerability 47

Impact

Potential impact description for vulnerability 47. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-121 OWASP Reference Guide

#048

Vulnerability 48 - SSRF

File Upload

Critical

CVSS: 5.9/10

Attack Pattern

Attack pattern description for vulnerability 48

Impact

Potential impact description for vulnerability 48. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-774 OWASP Reference Guide

#049

Vulnerability 49 - RCE

Authentication

Medium

CVSS: 5.5/10

Attack Pattern

Attack pattern description for vulnerability 49

Impact

Potential impact description for vulnerability 49. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-785 OWASP Reference Guide

#050

Vulnerability 50 - SSRF

File Upload

Medium

CVSS: 3.2/10

Attack Pattern

Attack pattern description for vulnerability 50

Impact

Potential impact description for vulnerability 50. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-942 OWASP Reference Guide

#051

Vulnerability 51 - SQL Injection

XSS

Critical

CVSS: 5/10

Attack Pattern

Attack pattern description for vulnerability 51

Impact

Potential impact description for vulnerability 51. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-920 OWASP Reference Guide

#052

Vulnerability 52 - RCE

Access Control

Informative

CVSS: 5.8/10

Attack Pattern

Attack pattern description for vulnerability 52

Impact

Potential impact description for vulnerability 52. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-861 OWASP Reference Guide

#053

Vulnerability 53 - XSS

Authentication

Critical

CVSS: 3.3/10

Attack Pattern

Attack pattern description for vulnerability 53

Impact

Potential impact description for vulnerability 53. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-266 OWASP Reference Guide

#054

Vulnerability 54 - SQL Injection

Configuration

Critical

CVSS: 8.6/10

Attack Pattern

Attack pattern description for vulnerability 54

Impact

Potential impact description for vulnerability 54. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-176 OWASP Reference Guide

#055

Vulnerability 55 - SSRF

Cryptography

Medium

CVSS: 8.7/10

Attack Pattern

Attack pattern description for vulnerability 55

Impact

Potential impact description for vulnerability 55. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-926 OWASP Reference Guide

#056

Vulnerability 56 - LFI

Session Management

High

CVSS: 3.6/10

Attack Pattern

Attack pattern description for vulnerability 56

Impact

Potential impact description for vulnerability 56. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-330 OWASP Reference Guide

#057

Vulnerability 57 - LFI

Information Disclosure

Low

CVSS: 3.4/10

Attack Pattern

Attack pattern description for vulnerability 57

Impact

Potential impact description for vulnerability 57. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-791 OWASP Reference Guide

#058

Vulnerability 58 - SSRF

CSRF

Critical

CVSS: 6.3/10

Attack Pattern

Attack pattern description for vulnerability 58

Impact

Potential impact description for vulnerability 58. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-532 OWASP Reference Guide

#059

Vulnerability 59 - RCE

Information Disclosure

High

CVSS: 5.4/10

Attack Pattern

Attack pattern description for vulnerability 59

Impact

Potential impact description for vulnerability 59. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-850 OWASP Reference Guide

#060

Vulnerability 60 - RCE

Authentication

Critical

CVSS: 7.5/10

Attack Pattern

Attack pattern description for vulnerability 60

Impact

Potential impact description for vulnerability 60. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-616 OWASP Reference Guide

#061

Vulnerability 61 - SQL Injection

Access Control

Critical

CVSS: 3.7/10

Attack Pattern

Attack pattern description for vulnerability 61

Impact

Potential impact description for vulnerability 61. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-240 OWASP Reference Guide

#062

Vulnerability 62 - RCE

Information Disclosure

Informative

CVSS: 3/10

Attack Pattern

Attack pattern description for vulnerability 62

Impact

Potential impact description for vulnerability 62. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-190 OWASP Reference Guide

#063

Vulnerability 63 - SSRF

Cryptography

Low

CVSS: 8.5/10

Attack Pattern

Attack pattern description for vulnerability 63

Impact

Potential impact description for vulnerability 63. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-638 OWASP Reference Guide

#064

Vulnerability 64 - XXE

XSS

Critical

CVSS: 3.3/10

Attack Pattern

Attack pattern description for vulnerability 64

Impact

Potential impact description for vulnerability 64. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-821 OWASP Reference Guide

#065

Vulnerability 65 - XSS

Information Disclosure

High

CVSS: 4.4/10

Attack Pattern

Attack pattern description for vulnerability 65

Impact

Potential impact description for vulnerability 65. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-237 OWASP Reference Guide

#066

Vulnerability 66 - RFI

XSS

Medium

CVSS: 5.2/10

Attack Pattern

Attack pattern description for vulnerability 66

Impact

Potential impact description for vulnerability 66. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-635 OWASP Reference Guide

#067

Vulnerability 67 - XSS

XSS

High

CVSS: 8.1/10

Attack Pattern

Attack pattern description for vulnerability 67

Impact

Potential impact description for vulnerability 67. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-114 OWASP Reference Guide

#068

Vulnerability 68 - XXE

XSS

Medium

CVSS: 6.1/10

Attack Pattern

Attack pattern description for vulnerability 68

Impact

Potential impact description for vulnerability 68. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-510 OWASP Reference Guide

#069

Vulnerability 69 - CSRF

Configuration

Low

CVSS: 7.7/10

Attack Pattern

Attack pattern description for vulnerability 69

Impact

Potential impact description for vulnerability 69. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-726 OWASP Reference Guide

#070

Vulnerability 70 - XSS

Cryptography

High

CVSS: 7.8/10

Attack Pattern

Attack pattern description for vulnerability 70

Impact

Potential impact description for vulnerability 70. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-656 OWASP Reference Guide

#071

Vulnerability 71 - SSRF

CSRF

Critical

CVSS: 4.1/10

Attack Pattern

Attack pattern description for vulnerability 71

Impact

Potential impact description for vulnerability 71. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-259 OWASP Reference Guide

#072

Vulnerability 72 - XSS

Cryptography

Informative

CVSS: 7.2/10

Attack Pattern

Attack pattern description for vulnerability 72

Impact

Potential impact description for vulnerability 72. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-812 OWASP Reference Guide

#073

Vulnerability 73 - CSRF

Session Management

Critical

CVSS: 7.6/10

Attack Pattern

Attack pattern description for vulnerability 73

Impact

Potential impact description for vulnerability 73. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-591 OWASP Reference Guide

#074

Vulnerability 74 - LFI

Authentication

High

CVSS: 8.6/10

Attack Pattern

Attack pattern description for vulnerability 74

Impact

Potential impact description for vulnerability 74. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-665 OWASP Reference Guide

#075

Vulnerability 75 - SSRF

XSS

Low

CVSS: 3.3/10

Attack Pattern

Attack pattern description for vulnerability 75

Impact

Potential impact description for vulnerability 75. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-820 OWASP Reference Guide

#076

Vulnerability 76 - XSS

Configuration

Informative

CVSS: 4.9/10

Attack Pattern

Attack pattern description for vulnerability 76

Impact

Potential impact description for vulnerability 76. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-121 OWASP Reference Guide

#077

Vulnerability 77 - XXE

Session Management

Medium

CVSS: 6.8/10

Attack Pattern

Attack pattern description for vulnerability 77

Impact

Potential impact description for vulnerability 77. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-399 OWASP Reference Guide

#078

Vulnerability 78 - SQL Injection

Injection

Critical

CVSS: 6.7/10

Attack Pattern

Attack pattern description for vulnerability 78

Impact

Potential impact description for vulnerability 78. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-960 OWASP Reference Guide

#079

Vulnerability 79 - RFI

Access Control

Informative

CVSS: 9.8/10

Attack Pattern

Attack pattern description for vulnerability 79

Impact

Potential impact description for vulnerability 79. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-813 OWASP Reference Guide

#080

Vulnerability 80 - LFI

Injection

High

CVSS: 4.6/10

Attack Pattern

Attack pattern description for vulnerability 80

Impact

Potential impact description for vulnerability 80. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-157 OWASP Reference Guide

#081

Vulnerability 81 - RFI

CSRF

High

CVSS: 4.5/10

Attack Pattern

Attack pattern description for vulnerability 81

Impact

Potential impact description for vulnerability 81. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-738 OWASP Reference Guide

#082

Vulnerability 82 - SQL Injection

Cryptography

Medium

CVSS: 5.5/10

Attack Pattern

Attack pattern description for vulnerability 82

Impact

Potential impact description for vulnerability 82. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-989 OWASP Reference Guide

#083

Vulnerability 83 - RCE

Injection

Informative

CVSS: 3.5/10

Attack Pattern

Attack pattern description for vulnerability 83

Impact

Potential impact description for vulnerability 83. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-216 OWASP Reference Guide

#084

Vulnerability 84 - SSRF

Information Disclosure

Informative

CVSS: 7.6/10

Attack Pattern

Attack pattern description for vulnerability 84

Impact

Potential impact description for vulnerability 84. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-171 OWASP Reference Guide

#085

Vulnerability 85 - SSRF

Session Management

Critical

CVSS: 4.8/10

Attack Pattern

Attack pattern description for vulnerability 85

Impact

Potential impact description for vulnerability 85. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-894 OWASP Reference Guide

#086

Vulnerability 86 - RFI

Access Control

Critical

CVSS: 6.8/10

Attack Pattern

Attack pattern description for vulnerability 86

Impact

Potential impact description for vulnerability 86. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-699 OWASP Reference Guide

#087

Vulnerability 87 - RFI

Cryptography

Critical

CVSS: 8/10

Attack Pattern

Attack pattern description for vulnerability 87

Impact

Potential impact description for vulnerability 87. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-293 OWASP Reference Guide

#088

Vulnerability 88 - SSRF

Injection

Low

CVSS: 5/10

Attack Pattern

Attack pattern description for vulnerability 88

Impact

Potential impact description for vulnerability 88. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-223 OWASP Reference Guide

#089

Vulnerability 89 - XXE

Access Control

Critical

CVSS: 4.6/10

Attack Pattern

Attack pattern description for vulnerability 89

Impact

Potential impact description for vulnerability 89. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-327 OWASP Reference Guide

#090

Vulnerability 90 - RCE

Configuration

Critical

CVSS: 4.7/10

Attack Pattern

Attack pattern description for vulnerability 90

Impact

Potential impact description for vulnerability 90. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-170 OWASP Reference Guide

#091

Vulnerability 91 - CSRF

Authentication

Informative

CVSS: 7.8/10

Attack Pattern

Attack pattern description for vulnerability 91

Impact

Potential impact description for vulnerability 91. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-147 OWASP Reference Guide

#092

Vulnerability 92 - RFI

Authentication

High

CVSS: 3.7/10

Attack Pattern

Attack pattern description for vulnerability 92

Impact

Potential impact description for vulnerability 92. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-309 OWASP Reference Guide

#093

Vulnerability 93 - CSRF

Information Disclosure

Low

CVSS: 9.7/10

Attack Pattern

Attack pattern description for vulnerability 93

Impact

Potential impact description for vulnerability 93. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-574 OWASP Reference Guide

#094

Vulnerability 94 - RCE

Cryptography

High

CVSS: 5.6/10

Attack Pattern

Attack pattern description for vulnerability 94

Impact

Potential impact description for vulnerability 94. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-131 OWASP Reference Guide

#095

Vulnerability 95 - RCE

Injection

Low

CVSS: 6.9/10

Attack Pattern

Attack pattern description for vulnerability 95

Impact

Potential impact description for vulnerability 95. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-688 OWASP Reference Guide

#096

Vulnerability 96 - XSS

Configuration

Medium

CVSS: 3.6/10

Attack Pattern

Attack pattern description for vulnerability 96

Impact

Potential impact description for vulnerability 96. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-650 OWASP Reference Guide

#097

Vulnerability 97 - SSRF

Cryptography

High

CVSS: 8.5/10

Attack Pattern

Attack pattern description for vulnerability 97

Impact

Potential impact description for vulnerability 97. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-942 OWASP Reference Guide

#098

Vulnerability 98 - SSRF

File Upload

Critical

CVSS: 3.9/10

Attack Pattern

Attack pattern description for vulnerability 98

Impact

Potential impact description for vulnerability 98. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-594 OWASP Reference Guide

#099

Vulnerability 99 - CSRF

Authentication

Medium

CVSS: 7.1/10

Attack Pattern

Attack pattern description for vulnerability 99

Impact

Potential impact description for vulnerability 99. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-784 OWASP Reference Guide

#100

Vulnerability 100 - XSS

CSRF

High

CVSS: 3.9/10

Attack Pattern

Attack pattern description for vulnerability 100

Impact

Potential impact description for vulnerability 100. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-322 OWASP Reference Guide

#101

Vulnerability 101 - XXE

Authentication

Informative

CVSS: 9.7/10

Attack Pattern

Attack pattern description for vulnerability 101

Impact

Potential impact description for vulnerability 101. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-816 OWASP Reference Guide

#102

Vulnerability 102 - CSRF

File Upload

Critical

CVSS: 9.5/10

Attack Pattern

Attack pattern description for vulnerability 102

Impact

Potential impact description for vulnerability 102. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-923 OWASP Reference Guide

#103

Vulnerability 103 - LFI

Information Disclosure

High

CVSS: 6.3/10

Attack Pattern

Attack pattern description for vulnerability 103

Impact

Potential impact description for vulnerability 103. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-732 OWASP Reference Guide

#104

Vulnerability 104 - RFI

XSS

Critical

CVSS: 6.4/10

Attack Pattern

Attack pattern description for vulnerability 104

Impact

Potential impact description for vulnerability 104. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-281 OWASP Reference Guide

#105

Vulnerability 105 - SQL Injection

XSS

Informative

CVSS: 8.8/10

Attack Pattern

Attack pattern description for vulnerability 105

Impact

Potential impact description for vulnerability 105. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-823 OWASP Reference Guide

#106

Vulnerability 106 - SSRF

File Upload

Informative

CVSS: 8.2/10

Attack Pattern

Attack pattern description for vulnerability 106

Impact

Potential impact description for vulnerability 106. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-939 OWASP Reference Guide

#107

Vulnerability 107 - XXE

File Upload

High

CVSS: 3/10

Attack Pattern

Attack pattern description for vulnerability 107

Impact

Potential impact description for vulnerability 107. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-648 OWASP Reference Guide

#108

Vulnerability 108 - XXE

CSRF

High

CVSS: 4.9/10

Attack Pattern

Attack pattern description for vulnerability 108

Impact

Potential impact description for vulnerability 108. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-161 OWASP Reference Guide

#109

Vulnerability 109 - LFI

CSRF

Critical

CVSS: 3.1/10

Attack Pattern

Attack pattern description for vulnerability 109

Impact

Potential impact description for vulnerability 109. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-458 OWASP Reference Guide

#110

Vulnerability 110 - RFI

CSRF

Informative

CVSS: 8/10

Attack Pattern

Attack pattern description for vulnerability 110

Impact

Potential impact description for vulnerability 110. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-322 OWASP Reference Guide

#111

Vulnerability 111 - RCE

File Upload

High

CVSS: 7.4/10

Attack Pattern

Attack pattern description for vulnerability 111

Impact

Potential impact description for vulnerability 111. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-134 OWASP Reference Guide

#112

Vulnerability 112 - XXE

CSRF

Medium

CVSS: 5.8/10

Attack Pattern

Attack pattern description for vulnerability 112

Impact

Potential impact description for vulnerability 112. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-947 OWASP Reference Guide

#113

Vulnerability 113 - SQL Injection

Injection

High

CVSS: 5.4/10

Attack Pattern

Attack pattern description for vulnerability 113

Impact

Potential impact description for vulnerability 113. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-911 OWASP Reference Guide

#114

Vulnerability 114 - RCE

Cryptography

Critical

CVSS: 9/10

Attack Pattern

Attack pattern description for vulnerability 114

Impact

Potential impact description for vulnerability 114. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-673 OWASP Reference Guide

#115

Vulnerability 115 - SQL Injection

File Upload

Medium

CVSS: 8.7/10

Attack Pattern

Attack pattern description for vulnerability 115

Impact

Potential impact description for vulnerability 115. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-182 OWASP Reference Guide

#116

Vulnerability 116 - XXE

XSS

Critical

CVSS: 7.3/10

Attack Pattern

Attack pattern description for vulnerability 116

Impact

Potential impact description for vulnerability 116. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-894 OWASP Reference Guide

#117

Vulnerability 117 - SQL Injection

Authentication

High

CVSS: 6.6/10

Attack Pattern

Attack pattern description for vulnerability 117

Impact

Potential impact description for vulnerability 117. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-465 OWASP Reference Guide

#118

Vulnerability 118 - CSRF

Access Control

Medium

CVSS: 8.4/10

Attack Pattern

Attack pattern description for vulnerability 118

Impact

Potential impact description for vulnerability 118. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-851 OWASP Reference Guide

#119

Vulnerability 119 - SQL Injection

Cryptography

High

CVSS: 4.5/10

Attack Pattern

Attack pattern description for vulnerability 119

Impact

Potential impact description for vulnerability 119. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-904 OWASP Reference Guide

#120

Vulnerability 120 - RFI

XSS

High

CVSS: 8.9/10

Attack Pattern

Attack pattern description for vulnerability 120

Impact

Potential impact description for vulnerability 120. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-282 OWASP Reference Guide

#121

Vulnerability 121 - LFI

Session Management

High

CVSS: 4.2/10

Attack Pattern

Attack pattern description for vulnerability 121

Impact

Potential impact description for vulnerability 121. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-129 OWASP Reference Guide

#122

Vulnerability 122 - XXE

Injection

Medium

CVSS: 6.3/10

Attack Pattern

Attack pattern description for vulnerability 122

Impact

Potential impact description for vulnerability 122. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-124 OWASP Reference Guide

#123

Vulnerability 123 - XXE

Cryptography

Informative

CVSS: 3.3/10

Attack Pattern

Attack pattern description for vulnerability 123

Impact

Potential impact description for vulnerability 123. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-488 OWASP Reference Guide

#124

Vulnerability 124 - SQL Injection

CSRF

Medium

CVSS: 9.8/10

Attack Pattern

Attack pattern description for vulnerability 124

Impact

Potential impact description for vulnerability 124. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-306 OWASP Reference Guide

#125

Vulnerability 125 - SSRF

Configuration

Low

CVSS: 8.9/10

Attack Pattern

Attack pattern description for vulnerability 125

Impact

Potential impact description for vulnerability 125. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-962 OWASP Reference Guide

#126

Vulnerability 126 - SQL Injection

Configuration

Medium

CVSS: 3/10

Attack Pattern

Attack pattern description for vulnerability 126

Impact

Potential impact description for vulnerability 126. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-465 OWASP Reference Guide

#127

Vulnerability 127 - SSRF

Information Disclosure

Medium

CVSS: 6.6/10

Attack Pattern

Attack pattern description for vulnerability 127

Impact

Potential impact description for vulnerability 127. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-904 OWASP Reference Guide

#128

Vulnerability 128 - RFI

Information Disclosure

Medium

CVSS: 9.4/10

Attack Pattern

Attack pattern description for vulnerability 128

Impact

Potential impact description for vulnerability 128. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-668 OWASP Reference Guide

#129

Vulnerability 129 - SSRF

CSRF

High

CVSS: 7.2/10

Attack Pattern

Attack pattern description for vulnerability 129

Impact

Potential impact description for vulnerability 129. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-926 OWASP Reference Guide

#130

Vulnerability 130 - XSS

Session Management

Medium

CVSS: 3.6/10

Attack Pattern

Attack pattern description for vulnerability 130

Impact

Potential impact description for vulnerability 130. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-588 OWASP Reference Guide

#131

Vulnerability 131 - CSRF

Information Disclosure

Informative

CVSS: 8.1/10

Attack Pattern

Attack pattern description for vulnerability 131

Impact

Potential impact description for vulnerability 131. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-370 OWASP Reference Guide

#132

Vulnerability 132 - CSRF

Information Disclosure

Low

CVSS: 7.1/10

Attack Pattern

Attack pattern description for vulnerability 132

Impact

Potential impact description for vulnerability 132. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-179 OWASP Reference Guide

#133

Vulnerability 133 - LFI

Access Control

High

CVSS: 4.2/10

Attack Pattern

Attack pattern description for vulnerability 133

Impact

Potential impact description for vulnerability 133. This could lead to data exposure or system compromise.

Recommendation

Implement proper validation and security controls. Use secure coding practices.

Tools Used

Burp Suite OWASP ZAP Manual Testing

CWE-154 OWASP Reference Guide