Difference between revisions of "Top 10 2013-A1-Injection"

From OWASP
Jump to: navigation, search
Line 5: Line 5:
 
               |year=2013}}
 
               |year=2013}}
 
     |useprev=2013PrevLink
 
     |useprev=2013PrevLink
     |prev=Main
+
     |prev={{Top_10_2010:ByTheNumbers
 +
              |1
 +
              |year=2013}}
 
}}
 
}}
  
Line 21: Line 23:
 
{{Top_10_2010:SummaryTableEndTemplate}}
 
{{Top_10_2010:SummaryTableEndTemplate}}
  
          <table style="border: none; text-align: left; width: 100%; border-spacing:5px 5px;">
+
{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|number=1|risk=2|year=2013}}
              <tr>
+
blank
<td style="vertical-align: top; width: 50%">
+
{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|number=2|risk=2|year=2013}}
<div style=" padding: 5px; border: 3px solid #93b88b; background-color: #d9ead5">
+
 
+
<div style="font-style: bold; color: #000000; font-size: 150%;">Am I vulnerable to</div>
+
</div>
+
hardy har har har
+
{{Top_10_2010:SubsectionAdvancedTemplate-TEST|type={{Top_10_2010:StyleTemplate}}|number=2|risk=1|year=2013}}
+
 
blank
 
blank
 
#blankBullet1
 
#blankBullet1
 
#blankBullet2
 
#blankBullet2
</td></tr>
+
{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|number=3|risk=2|year=2013}}
<td style="vertical-align: top; width: 50%; padding: 5px; border: 3px solid #93b88b; background-color: {{Top_10_2010:background-color|year=2010}}">
+
blank
 
+
{{Top_10_2010:ExampleBeginTemplate}}<span style="color:red;">blank code</span>{{Top_10_2010:ExampleEndTemplate}}
<div style="font-style: bold; color: #000000; font-size: 150%;">Am I vulnerable to</div>
+
hardy har har har{{Top_10_2010:ExampleBeginTemplate}}<span style="color:red;">blank code</span>{{Top_10_2010:ExampleEndTemplate}}
+
 
blank
 
blank
 
{{Top_10_2010:ExampleBeginTemplate}}<nowiki>http://example.com/app/accountView?id=</nowiki><span style="color: red;">' or '1'='1</span>{{Top_10_2010:ExampleEndTemplate}}
 
{{Top_10_2010:ExampleBeginTemplate}}<nowiki>http://example.com/app/accountView?id=</nowiki><span style="color: red;">' or '1'='1</span>{{Top_10_2010:ExampleEndTemplate}}
 
blank
 
blank
{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|number=4|risk=1|year=2013}}
+
{{Top_10_2010:SubsectionAdvancedTemplate|type={{Top_10_2010:StyleTemplate}}|number=4|risk=2|year=2013}}
 
{{Top_10_2010:SubSubsectionOWASPReferencesTemplate}}
 
{{Top_10_2010:SubSubsectionOWASPReferencesTemplate}}
 
* [[SQL_Injection_Prevention_Cheat_Sheet | OWASP SQL Injection Prevention Cheat Sheet]]
 
* [[SQL_Injection_Prevention_Cheat_Sheet | OWASP SQL Injection Prevention Cheat Sheet]]
Line 56: Line 50:
 
               |year=2013}}
 
               |year=2013}}
 
     |useprev=2013PrevLink
 
     |useprev=2013PrevLink
     |prev=Main
+
     |prev={{Top_10_2010:ByTheNumbers
}}
+
              |1
 +
              |year=2013}}}}
  
 
[[Category:OWASP Top Ten Project]]
 
[[Category:OWASP Top Ten Project]]

Revision as of 15:37, 16 February 2013

[[Top 10 {{{year}}}-Injection|← Injection]]
2013 Table of Contents

2013 Top 10 List

[[Top 10 {{{year}}}-Broken Authentication and Session Management|Broken Authentication and Session Management →]]
Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts
Application Specific Exploitability
EASY
Prevalence
COMMON
Detectability
AVERAGE
Impact
SEVERE
Application / Business Specific
blank. blank blank blank blank
Am I Vulnerable To 'Broken Authentication and Session Management'?

blank

How Do I Prevent 'Broken Authentication and Session Management'?

blank

  1. blankBullet1
  2. blankBullet2
Example Attack Scenarios

blank

blank code

blank

http://example.com/app/accountView?id=' or '1'='1

blank

References

OWASP

External

[[Top 10 {{{year}}}-Injection|← Injection]]
2013 Table of Contents

2013 Top 10 List

[[Top 10 {{{year}}}-Broken Authentication and Session Management|Broken Authentication and Session Management →]]

© 2002-2013 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png
[[Category:OWASP Top Ten {{{year}}} Project]]