Difference between revisions of "Direct Dynamic Code Evaluation ('Eval Injection')"

Jump to: navigation, search
Line 20: Line 20:
[[Category:Lack of Input Validation]]
[[Category:Input Validation Vulnerability]]

Revision as of 13:40, 12 June 2006

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This is an Attack. To view all attacks, please see the Attack Category page.

This vulnerabilty can be exploited by code injection attacks and should be fixed using appropriate input validation on user input. This vulnerability is so specific so the attack that is used to exploit this vulnerability, "Eval Injection", is described in the same page.

Related Attacks

Code Injection

Injection Attacks

Related Countermeasures

Input Validation

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.