| Directory Traversal | |
| Incomplete List of Disallowed Inputs | |
| Exposure of Resource to Wrong Sphere | |
| Directory Traversal | |
| Symlink Attack | |
| Authorization Bypass Through User-Controlled Key | |
| Incorrect Authorization | |
| Improper Validation of Specified Quantity in Input | |
| Missing Authorization | |
| Incorrect Authorization | |
| Incorrect Privilege Assignment | |
| Cross-site Scripting (XSS) | |
| Authorization Bypass Through User-Controlled Key | |
| Incorrect Privilege Assignment | |
| Directory Traversal | |
| Integer Overflow or Wraparound | |
| Incorrect Permission Assignment for Critical Resource | |
| Directory Traversal | |
| Improper Handling of Case Sensitivity | |
| Incorrect Authorization | |
| Improper Authorization | |
| Insufficient Session Expiration | |
| Arbitrary Command Injection | |
| Authentication Bypass by Primary Weakness | |
| Brute Force | |
| Arbitrary Command Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |