Improper input validation
Improper input validation[1] or unchecked user input is a type of vulnerability in computer software that may be used for security exploits.[2]
Examples include:
- Format string attack
- Buffer overflow
- Cross-site scripting
- Directory traversal
- SQL injection
- Asciiz exploit[3]
References
- ^ "CWE-20: Improper Input Validation". Common Weakness Enumeration. MITRE. December 13, 2010. Retrieved February 22, 2011.
- ^ Erickson, Jon (2008). Hacking: the art of exploitation. No Starch Press Series. Safari Books Online. ISBN 9781593271442.
{{cite book}}: Unknown parameter|Edition=ignored (|edition=suggested) (help) - ^ "Network security advisories article: Mod_Security ASCIIZ byte POST bypass Vulnerability". Emagined Security. July 15, 2008. Retrieved February 22, 2011.
 | This software article is a stub. You can help Wikipedia by expanding it. |