HTTP Request Smuggling | |
Out-of-bounds Read | |
Arbitrary Code Injection | |
XML External Entity (XXE) Injection | |
Cleartext Transmission of Sensitive Information | |
Information Exposure | |
HTTP Response Splitting | |
Resource Exhaustion | |
HTTP Response Splitting | |
Reliance on Cookies without Validation and Integrity Checking | |
Arbitrary Code Injection | |
Null Byte Interaction Error (Poison Null Byte) | |
Resource Exhaustion | |
Out-of-bounds Read | |
Improper Input Validation | |
Arbitrary Command Injection | |
Out-of-bounds Read | |
HTTP Request Smuggling | |
Improper Input Validation | |
Improper Input Validation | |
Directory Traversal | |
Use of Externally-Controlled Format String | |
Resource Exhaustion | |
Directory Traversal | |
Directory Traversal | |
Cross-site Scripting (XSS) | |
CVE-2018-16396 | |
Improper Input Validation | |
Deserialization of Untrusted Data | |
Link Following | |
Improper Verification of Cryptographic Signature | |
HTTP Response Splitting | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Arbitrary Code Injection | |
Arbitrary Code Injection | |
Arbitrary Code Injection | |
Arbitrary Code Injection | |
CVE-2018-16395 | |
Cross-site Scripting (XSS) | |
Directory Traversal | |
Improper Input Validation | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Deserialization of Untrusted Data | |
Improper Verification of Cryptographic Signature | |
Link Following | |
Arbitrary Code Injection | |