Top 10 2010-Main

From OWASP
Revision as of 16:08, 15 April 2010 by Neil Smithline (Talk | contribs)

Jump to: navigation, search
««««
Top 10 Introduction
Top 10 Risks
»»»»

OWASP Top 10 Application Security Risks 2010

A1-Injection Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.
A2-Cross Site Scripting (XSS)

A3- Broken Authentication and Session Management

A4-Insecure Direct Object References

A5-Cross Site Request Forgery (CSRF)

A6-Security Misconfiguration

A7-Failure to Restrict URL Access

A8-Unvalidated Redirects and Forwards

A9-Insecure Cryptographic Storage

A10-Insufficient Transport Layer Protection


««««
Top 10 Introduction
Top 10 Risks
»»»»

© 2002-2010 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png