Web Application Vulnerabilities and Potential Problem Due to Bad
Design
- Input Validation: Attacks performed by embedding malicious strings in query strings, form fields ,cookies , and Http headers. (Command execution,cross-site scripting(XSS),SQL injection ,buffer overflow attacks).
- Authentication : spoofing,password cracking, and unauthorized access.
- Authorization : Access to confidential or restricted data,tampering and execution of unauthorized operations
- Configuration Management : Unauthorized access to administrative interfaces,unauthorized access to user accounts and profiles.
- Sensitive Data : Information disclosure and data tampering
- Auditing Logging : Failure to identify the intrusion,difficulties of identification
- Session Management : Capturing the session and hijacking them
- Cryptography : Breaking the Encrypted data by using encrypt and decrypt algorithms
- Exception Management : Handling the exceptions if the exceptions are not handled properly there may be a chance to crash the application.
No comments:
Post a Comment