References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-867 CWE
SQL Injection Prevention Cheat Sheet
OWASP
1 citation(s)
REF-868 CWE
SQL Injection Attacks by Example
Steven Friedl · 2007
1 citation(s)
REF-869 CWE
SQL Injection Cheat Sheet
Ferruh Mavituna · 2007
1 citation(s)
REF-870 CWE
The Database Hacker's Handbook: Defending Database Servers
David Litchfield, Chris Anley, John Heasman, Bill Grindlay · 2005
1 citation(s)
REF-871 CWE
The Oracle Hacker's Handbook: Hacking and Defending Oracle
David Litchfield · 2007
1 citation(s)
REF-872 CWE
SQL Injection
Microsoft · 2008
1 citation(s)
REF-873 CWE
SQL Injection Attack
Microsoft Security Vulnerability Research & Defense
1 citation(s)
REF-874 CWE
Giving SQL Injection the Respect it Deserves
Michael Howard · 2008
1 citation(s)
REF-875 CWE
Top 25 Series - Rank 2 - SQL Injection
Frank Kim · 2010
1 citation(s)
REF-879 CWE
Web Applications and LDAP Injection
SPI Dynamics
1 citation(s)
REF-882 CWE
Blind XPath Injection
Amit Klein · 2004
1 citation(s)
REF-884 CWE
Windows Kernel Reference Count Vulnerabilities - Case Study
Mateusz "j00ru" Jurczyk · 2012
1 citation(s)
REF-885 CWE
Shocking News in PHP Exploitation
Stefan Esser · 2009
1 citation(s)
REF-886 CWE
"Two Security Vulnerabilities in the Spring Framework's MVC" pdf (from 2008)
Dinis Cruz
1 citation(s)
REF-887 CWE
Two Security Vulnerabilities in the Spring Framework's MVC
Ryan Berg, Dinis Cruz
1 citation(s)
REF-888 CWE
Best Practices for ASP.NET MVC
ASPNETUE · 2010
1 citation(s)
REF-889 CWE
Mass assignment in Rails applications
Michael Hartl · 2008
1 citation(s)
REF-890 CWE
Secure your Rails apps!
Tobi · 2012
1 citation(s)
REF-891 CWE
Ruby On Rails Security Guide
Heiko Webers
1 citation(s)
REF-892 CWE
Mass Assignment Vulnerability in ASP.NET MVC
Josh Bush · 2012
1 citation(s)
REF-893 CWE
6 Ways To Avoid Mass Assignment in ASP.NET MVC
K. Scott Allen · 2012
1 citation(s)
REF-894 CWE
PHP Object Injection
Egidio Romano · 2013
1 citation(s)
REF-908 CWE
Password hashing at scale
Solar Designer · 2012
1 citation(s)
REF-909 CWE
New developments in password hashing: ROM-port-hard functions
Solar Designer · 2012
1 citation(s)
REF-911 CWE
Expression Language Injection
Stefano Di Paola, Arshan Dabirsiaghi · 2011
1 citation(s)
REF-912 CWE
Remote Code with Expression Language Injection
Dan Amodio · 2012
1 citation(s)
REF-913 CWE
SSRF vs. Business-critical applications: XXE tunneling in SAP
Alexander Polyakov, Dmitry Chastukhin · 2012
1 citation(s)
REF-914 CWE
SSRF vs. Business-critical Applications. Part 1: XXE Tunnelling in SAP NetWeaver
Alexander Polyakov, Dmitry Chastukhin, Alexey Tyurin
1 citation(s)
REF-915 CWE
Cross Site Port Attacks - XSPA - Part 1
Riyaz Ahemed Walikar · 2012
1 citation(s)
REF-916 CWE
Cross Site Port Attacks - XSPA - Part 2
Riyaz Ahemed Walikar · 2012
1 citation(s)
REF-917 CWE
Cross Site Port Attacks - XSPA - Part 3
Riyaz Ahemed Walikar · 2012
1 citation(s)
REF-918 CWE
SSRF attacks and sockets: smorgasbord of vulnerabilities
Vladimir Vorontsov, Alexander Golovko
1 citation(s)
REF-919 CWE
SSRF bible. Cheatsheet
ONsec Lab · 2013
1 citation(s)
REF-920 CWE
Web Portals: Gateway To Information, Or A Hole In Our Perimeter Defenses
Deral Heiland · 2008
1 citation(s)
REF-921 CWE
Security Tips
Android Open Source Project · 2013
1 citation(s)
REF-922 CWE
Analyzing Inter-Application Communication in Android
Erika Chin, Adrienne Porter Felt, Kate Greenwood, David Wagner
2 citation(s)
REF-923 CWE
Security Tips
Android Open Source Project · 2013
2 citation(s)
REF-926 CWE
Top 10 2013
· 2013
REF-927 CWE
Top 10 2013-A1-Injection
OWASP
REF-928 CWE
CRLF Injection
Ulf Harnhammar · 2002
1 citation(s)
REF-929 CWE
Top 10 2013-A2-Broken Authentication and Session Management
OWASP
REF-930 CWE
Top 10 2013-A3-Cross-Site Scripting (XSS)
OWASP
REF-931 CWE
Top 10 2013-A4-Insecure Direct Object References
OWASP
REF-932 CWE
Top 10 2013-A5-Security Misconfiguration
OWASP
REF-933 CWE
Top 10 2013-A6-Sensitive Data Exposure
OWASP
REF-934 CWE
Top 10 2013-A7-Missing Function Level Access Control
OWASP
REF-935 CWE
Top 10 2013-A8-Cross-Site Request Forgery (CSRF)
OWASP
REF-936 CWE
Top 10 2013-A9-Using Components with Known Vulnerabilities
OWASP
REF-937 CWE
Top 10 2013-A10-Unvalidated Redirects and Forwards
OWASP
REF-938 CWE
Scheming for Privacy and Security
Guillaume Ross · 2013
1 citation(s)
« 9 / 21 »