API_2023_API10 on ZAP

Buffer Overflow

Mon, 01 Jan 0001 00:00:00 +0000

Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way.

CRLF Injection

Mon, 01 Jan 0001 00:00:00 +0000

Cookie can be set via CRLF injection. It may also be possible to set arbitrary HTTP response headers. In addition, by carefully crafting the injected response using cross-site script, cache poisoning vulnerability may also exist.

Exponential Entity Expansion (Billion Laughs Attack)

Mon, 01 Jan 0001 00:00:00 +0000

An exponential entity expansion, or “billion laughs” attack is a type of denial-of-service (DoS) attack. It is aimed at parsers of markup languages like XML or YAML that allow macro expansions.

Expression Language Injection

Mon, 01 Jan 0001 00:00:00 +0000

The software constructs all or part of an expression language (EL) statement in a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed. In certain versions of Spring 3.0.5 and earlier, there was a vulnerability (CVE-2011-2730) in which Expression Language tags would be evaluated twice, which effectively exposed any application to EL injection. However, even for later versions, this weakness is still possible depending on configuration.

Format String Error

Mon, 01 Jan 0001 00:00:00 +0000

A Format String error occurs when the submitted data of an input string is evaluated as a command by the application.

Integer Overflow Error

Mon, 01 Jan 0001 00:00:00 +0000

An integer overflow condition exists when an integer used in a compiled program extends beyond the range limits and has not been properly checked from the input stream.

NoSQL Injection - MongoDB

Mon, 01 Jan 0001 00:00:00 +0000

MongoDB query injection may be possible.

NoSQL Injection - MongoDB (Time Based)

Mon, 01 Jan 0001 00:00:00 +0000

MongoDB query injection may be possible.

Remote File Inclusion

Mon, 01 Jan 0001 00:00:00 +0000

Remote File Include (RFI) is an attack technique used to exploit “dynamic file include” mechanisms in web applications. When web applications take user input (URL, parameter value, etc.) and pass them into file include commands, the web application might be tricked into including remote files with malicious code.

Remote OS Command Injection

Mon, 01 Jan 0001 00:00:00 +0000

Attack technique used for unauthorized execution of operating system commands. This attack is possible when an application accepts untrusted input to build operating system commands in an insecure manner involving improper data sanitization, and/or improper calling of external programs.

Remote OS Command Injection (Time Based)

Mon, 01 Jan 0001 00:00:00 +0000

Server Side Code Injection - ASP Code Injection

Mon, 01 Jan 0001 00:00:00 +0000

A code injection may be possible including custom code that will be evaluated by the scripting engine.

Server Side Code Injection - PHP Code Injection

Mon, 01 Jan 0001 00:00:00 +0000

A code injection may be possible including custom code that will be evaluated by the scripting engine.

Server Side Include

Mon, 01 Jan 0001 00:00:00 +0000

Certain parameters may cause Server Side Include commands to be executed. This may allow database connection or arbitrary code to be executed.

Server Side Template Injection

Mon, 01 Jan 0001 00:00:00 +0000

When the user input is inserted in the template instead of being used as argument in rendering is evaluated by the template engine. Depending on the template engine it can lead to remote code execution.

Server Side Template Injection (Blind)

Mon, 01 Jan 0001 00:00:00 +0000

SOAP Action Spoofing

Mon, 01 Jan 0001 00:00:00 +0000

An unintended SOAP operation was executed by the server.

SOAP XML Injection

Mon, 01 Jan 0001 00:00:00 +0000

Some XML injected code has been interpreted by the server.

SQL Injection

Mon, 01 Jan 0001 00:00:00 +0000

SQL injection may be possible.

XML External Entity Attack

Mon, 01 Jan 0001 00:00:00 +0000

This technique takes advantage of a feature of XML to build documents dynamically at the time of processing. An XML message can either provide data explicitly or by pointing to an URI where the data exists. In the attack technique, external entities may replace the entity value with malicious data, alternate referrals or may compromise the security of the data the server/XML application has access to. Attackers may also use External Entities to have the web services server download malicious code or content to the server for use in secondary or follow on attacks.

XPath Injection

Mon, 01 Jan 0001 00:00:00 +0000

XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents. It can be used directly by an application to query an XML document, as part of a larger operation such as applying an XSLT transformation to an XML document, or applying an XQuery to an XML document. The syntax of XPath bears some resemblance to an SQL query, and indeed, it is possible to form SQL-like queries on an XML document using XPath.

XSLT Injection

Mon, 01 Jan 0001 00:00:00 +0000

Injection using XSL transformations may be possible, and may allow an attacker to read system information, read and write files, or execute arbitrary code.