Security terms
Defending code from the threats that never sleep
Security vulnerabilities do not announce themselves — they wait quietly in code that looks perfectly fine on the surface. This category covers attack vectors, defensive techniques, secure coding practices, and the mental models that help you think like an attacker before one finds you. From SQL injection and XSS to authentication flaws and cryptographic pitfalls, understanding these terms is not optional — it is professional responsibility.
Weak Password Hash PHP 5.5+
Using MD5, SHA-1, or SHA-256 to hash passwords — fast algorithms designed for data integrity, not authentication, crackable in seconds with a GPU.
2mo ago
security beginner
Weak Random Function PHP 7.0+
Using rand(), mt_rand(), or array_rand() for security-sensitive values — these are predictable pseudo-random generators not suitable for tokens, keys, or passwords.
2mo ago
security intermediate
Weak Cryptography PHP 5.0+
Using MD5 or SHA-1 for passwords or security tokens — both are cryptographically broken, and hashes made with them are trivially cracked.
CWE-327 OWASP A2:2021
2mo ago
security intermediate
7.5
Weak Session ID PHP 5.0+
Session identifiers generated with insufficient entropy can be guessed or brute-forced, allowing session hijacking.
CWE-330 OWASP A2:2021
2mo ago
security intermediate
8.1
Web Cache Deception
Tricking a cache into storing sensitive authenticated responses by appending a static-file-like suffix to a private URL.
CWE-524 OWASP A5:2021
2mo ago
security advanced
7.5