Category:Vulnerability

Application Security Vulnerability Types

This category is for common types of software vulnerabilities, both design flaws and implementation bugs. OWASP takes the position that there is no single best taxonomy into which these articles can be organized. Instead, we tag our articles with all the attributes that apply to allow for better searching and sorting. You can, of course, sort these articles on a single dimesion, such as the associated threat, countermeasure, or impact. Please do not post any actual vulnerabilities in products, services, or web applications. Those disclosure reports should be posted to bugtraq or full-disclosure.

For a great overview, check out the OWASP Top Ten Project. You can read about the top vulnerabilities and download a paper that covers them in detail. Many organizations and agencies use the Top Ten as a way of creating awareness about application security.

Every article has a defined structure. Please read the details of How To Add a Vulnerability before creating a new article.