Improper input validation
Improper input validation[1] or unchecked user input is a type of vulnerability in computer software that may be used for security exploits.[2]
Examples include:
- Buffer overflow
- Cross-site scripting
- Directory traversal
- Null byte injection
- SQL injection
- Uncontrolled format string
References
- ↑ "CWE-20: Improper Input Validation". Common Weakness Enumeration. MITRE. December 13, 2010. Retrieved February 22, 2011.
- ↑ Erickson, Jon (2008). Hacking: the art of exploitation. No Starch Press Series (2, illustrated ed.). Safari Books Online. ISBN 978-1-59327-144-2.
This article is issued from Wikipedia - version of the 3/19/2014. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.