Top 10 OWASP Vulnerabilities
1. Injection

Lightweight Directory Access Protocol (LDAP) query injection, OS command injection and SQL injection are all different kinds of injection flaws. Injection vulnerabilities usually occur whenever unsanitized, user-supplied input is concatenated with instructions before they are parsed.

Consider, for example, the developer of a router that permits users to ping remote servers for debugging purposes. The simplest way to do that is to execute the operating system's built-in ping command with the hostname the user provided, potentially opening a security flaw. This command is then parsed by the installed shell (bash, for example). However, most shells allow users to execute multiple commands in one line if they are separated by a semicolon. An attacker can abuse this fact by sending "localhost; cat /etc/passwd" to the application. Instead of executing only one command, as anticipated, the attacker succeeds in adding (injecting) another instruction into the qu
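
The router ping scenario above, as an added example that is not part of the original page: the concatenating call next to a shell-free call and an allow-list check. Assumptions: echo stands in for the ping binary so the code runs offline, the function names are hypothetical, and the constructed payload uses "echo INJECTED" where the page's input uses "cat /etc/passwd".

```python
import re
import subprocess

# Assumption: "echo" stands in for the router's ping binary so this runs offline.
TOOL = "echo"

# Constructed input with the same shape as the page's "localhost; cat /etc/passwd".
PAYLOAD = "localhost; echo INJECTED"

# Hostname labels: letters, digits, inner hyphens. A leading "-" is rejected,
# so the value can never be read as a command-line option either.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(LABEL + r"(?:\." + LABEL + r")*")


def ping_vulnerable(host: str) -> str:
    """Concatenate input into a command line and hand it to the shell."""
    cmd = TOOL + " pinging " + host
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def ping_argv(host: str) -> str:
    """No shell: host is exactly one argv element, so ';' is just a character."""
    result = subprocess.run([TOOL, "pinging", host],
                            capture_output=True, text=True, check=True)
    return result.stdout


def ping_hardened(host: str) -> str:
    """Allow-list validation first, then the shell-free call."""
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError("invalid hostname: %r" % host)
    return ping_argv(host)


if __name__ == "__main__":
    print("vulnerable:", repr(ping_vulnerable(PAYLOAD)))  # two commands ran
    print("argv only: ", repr(ping_argv(PAYLOAD)))        # one command, literal ';'
    try:
        ping_hardened(PAYLOAD)
    except ValueError as exc:
        print("hardened:  ", exc)
```

Passing an argument list removes the shell's parsing step entirely; the hostname check is a second layer that also blocks values the target program itself might misread.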