| Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
|
CWE-88
|
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
|
|
CWE-150
|
Improper Neutralization of Escape, Meta, or Control Sequences
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-713
|
OWASP Top Ten 2007 Category A2 - Injection Flaws
|
|
| OS Command Injection |
|
CWE-20
|
Improper Input Validation
|
|
CWE-78
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
|
|
CWE-88
|
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-713
|
OWASP Top Ten 2007 Category A2 - Injection Flaws
|
|
| Parameter Injection |
|
CWE-88
|
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
|
|
| Flash Parameter Injection |
|
CWE-88
|
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
|
|
| HTTP Parameter Pollution (HPP) |
|
CWE-88
|
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
|
|
CWE-147
|
Improper Neutralization of Input Terminators
|
|
CWE-235
|
Improper Handling of Extra Parameters
|
|