Published list of common web vulnerabilities
The company Positive Technologies presented statistics on the vulnerabilities of web applications in 2006, writes Prime-TASS .
A total of 111,936 scans were conducted, during which 129 197 different high and medium risk vulnerabilities were discovered. Vulnerable were 31 113 sites. Low risk vulnerabilities were not included in the report.
The most common vulnerability class "cross-site scripting", relating to the average degree of risk. It allows you to perform an arbitrary scripting language in the client’s browser in order to steal identity data, substitute the contents of pages, and conduct phishing attacks.
')
The second most polarized vulnerability of the “SQL statement injection” class, with which attackers can read and modify information in the database used by the web application.
In third place are a variety of vulnerabilities that lead to leakage of important information from the server.
A total of 111,936 scans were conducted, during which 129 197 different high and medium risk vulnerabilities were discovered. Vulnerable were 31 113 sites. Low risk vulnerabilities were not included in the report.
The most common vulnerability class "cross-site scripting", relating to the average degree of risk. It allows you to perform an arbitrary scripting language in the client’s browser in order to steal identity data, substitute the contents of pages, and conduct phishing attacks.
')
The second most polarized vulnerability of the “SQL statement injection” class, with which attackers can read and modify information in the database used by the web application.
In third place are a variety of vulnerabilities that lead to leakage of important information from the server.
Source: https://habr.com/ru/post/2616/
All Articles