Unveiling 100 Web Vulnerabilities

The 100

I have come across a comprehensive categorization of 100 web vulnerabilities. It broadly covers a range of vulnerabilities that are recognized in web applications and related technologies. The categories and some key vulnerabilities are:

Injection Vulnerabilities

This category includes various types of injection flaws where untrusted data is sent to an interpreter as part of a command or query, like SQL, XML, or code injections. These are common and dangerous vulnerabilities.

1. SQL Injection (SQLi)
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Remote Code Execution (RCE)
5. Command Injection
6. XML Injection
7. LDAP Injection
8. XPath Injection
9. HTML Injection
10. Server-Side Includes (SSI) Injection
11. OS Command Injection
12. Blind SQL Injection
13. Server-Side Template Injection (SSTI)

Broken Authentication and Session Management

These vulnerabilities are related to flaws in authentication and session management functions, making it possible to compromise passwords, keys, or session tokens.

14. Session Fixation
15. Brute Force Attack
16. Session Hijacking
17. Password Cracking
18. Weak Password Storage
19. Insecure Authentication
20. Cookie Theft
21. Credential Reuse

Sensitive Data Exposure

Involves improper protection of sensitive data, like personal information, leading to risks of data theft.

22. Inadequate Encryption
23. Insecure Direct Object References (IDOR)
24. Data Leakage
25. Unencrypted Data Storage
26. Missing Security Headers
27. Insecure File Handling

Security Misconfiguration

Commonly occurs due to insecure default configurations, incomplete or ad hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information.

28. Default Passwords
29. Directory Listing
30. Unprotected API Endpoints
31. Open Ports and Services
32. Improper Access Controls
33. Information Disclosure
34. Unpatched Software
35. Misconfigured CORS
36. HTTP Security Headers Misconfiguration

XML-Related Vulnerabilities

Specific to the handling of XML data and can lead to significant security issues.

37. XML External Entity (XXE) Injection
38. XML Entity Expansion (XEE)
39. XML Bomb

Broken Access Control

This category includes vulnerabilities where restrictions on what authenticated users are allowed to do are not properly enforced.

40. Inadequate Authorization
41. Privilege Escalation
42. Insecure Direct Object References
43. Forceful Browsing
44. Missing Function-Level Access Control

Insecure Deserialization

This can lead to remote code execution, replay attacks, injection attacks, and privilege escalation attacks.

45. Remote Code Execution via Deserialization
46. Data Tampering
47. Object Injection

API Security Issues

Pertains to vulnerabilities specifically in API (Application Programming Interface) implementations.

48. Insecure API Endpoints
49. API Key Exposure
50. Lack of Rate Limiting
51. Inadequate Input Validation

Insecure Communication

Relates to vulnerabilities where data in transit is not adequately secured, allowing attackers to intercept or modify data.

52. Man-in-the-Middle (MITM) Attack
53. Insufficient Transport Layer Security
54. Insecure SSL/TLS Configuration
55. Insecure Communication Protocols

Client-Side Vulnerabilities

Focuses on vulnerabilities that exist in the client-side code of web applications.

56. DOM-based XSS
57. Insecure Cross-Origin Communication
58. Browser Cache Poisoning
59. Clickjacking
60. HTML5 Security Issues

Denial of Service (DoS)

These attacks aim to make a machine or network resource unavailable to its intended users.

61. Distributed Denial of Service (DDoS)
62. Application Layer DoS
63. Resource Exhaustion
64. Slowloris Attack
65. XML Denial of Service

Other Web Vulnerabilities

A broad category covering various other types of vulnerabilities.

66. Server-Side Request Forgery (SSRF)
67. HTTP Parameter Pollution (HPP)
68. Insecure Redirects and Forwards
69. File Inclusion Vulnerabilities
70. Security Header Bypass
71. Clickjacking
72. Inadequate Session Timeout
73. Insufficient Logging and Monitoring
74. Business Logic Vulnerabilities
75. API Abuse

Mobile Web Vulnerabilities

Specific to web applications running on mobile devices.

76. Insecure Data Storage on Mobile Devices
77. Insecure Data Transmission on Mobile Devices
78. Insecure Mobile API Endpoints
79. Mobile App Reverse Engineering

IoT Web Vulnerabilities

Related to the unique security challenges posed by Internet of Things (IoT) devices.

80. Insecure IoT Device Management
81. Weak Authentication on IoT Devices
82. IoT Device Vulnerabilities

Web of Things (WoT) Vulnerabilities

Focuses on vulnerabilities in the Web of Things, which extends the IoT with web technologies.

83. Unauthorized Access to Smart Homes
84. IoT Data Privacy Issues

Authentication Bypass

Concerns vulnerabilities that allow attackers to bypass authentication mechanisms.

85. Insecure “Remember Me” Functionality
86. CAPTCHA Bypass

Server-Side Request Forgery (SSRF)

Involves sending forged requests from a vulnerable server to another system.

87. Blind SSR
88. Time-Based Blind SSRF

Content Spoofing

Refers to the ability of an attacker to create a piece of content on a website that is not part of the original site.

89. MIME Sniffing
90. X-Content-Type-Options Bypass
91. Content Security Policy (CSP) Bypass

Business Logic Flaws

Involves exploiting the legitimate processing flows of an application to achieve a malicious outcome.

92. Inconsistent Validation
93. Race Conditions
94. Order Processing Vulnerabilities
95. Price Manipulation
96. Account Enumeration
97. User-Based Flaws

Zero-Day Vulnerabilities

Refers to vulnerabilities that are unknown to the parties responsible for patching or fixing the flaw.

98. Unknown Vulnerabilities
99. Unpatched Vulnerabilities
100. Day-Zero Exploits

References

• https://github.com/manikanta-suru/100-web-vulnerabilities-names-