Improper input validation

From Wikipedia, the free encyclopedia

Improper input validation^[1] or unchecked user input is a type of vulnerability in computer software that may be used for security exploits.^[2]

Examples include:

Buffer overflow
Cross-site scripting
Directory traversal
Null byte injection
SQL injection
Uncontrolled format string

References

↑ "CWE-20: Improper Input Validation". Common Weakness Enumeration. MITRE. December 13, 2010. Retrieved February 22, 2011.
↑ Erickson, Jon (2008). Hacking: the art of exploitation. No Starch Press Series. Safari Books Online. ISBN 978-1-59327-144-2. Unknown parameter |Edition= ignored (|edition= suggested) (help)

This article is issued from Wikipedia. The text is available under the Creative Commons Attribution/Share Alike; additional terms may apply for the media files.