Code Terms Starting With S — Glossary | CodeClarityLab

Browse by Category

+ added · ✎ updated 7d

⚖ Terms of Use

Sort A → Z Recently Added Recently Updated Difficulty Most Viewed Most Rated Most Shared

Level All Beginner Intermediate Advanced Tag: injection ✕

✕ Clear A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Server-Side Includes (SSI) Injection

Attacker-controlled SSI directives (``) injected into pages parsed by Apache or another SSI-enabled server, achieving file disclosure or remote command execution.

CWE-97 OWASP A3:2021

1w ago security intermediate 9.8

Second-Order SQL Injection PHP 5.0+

Malicious data is safely stored in the database but later retrieved and used unsafely in a subsequent SQL query.

CWE-89 OWASP A3:2021

2mo ago security advanced 8.8

Diagram: Server-Side Request Forgery (SSRF)

Server-Side Request Forgery (SSRF) PHP 5.0+

The server is tricked into making HTTP requests to internal or unintended destinations on behalf of the attacker.

CWE-918 OWASP A10:2021

2mo ago security advanced 8.6

Server-Side Template Injection (SSTI) PHP 5.0+

User input is embedded directly into a server-side template, allowing arbitrary code execution on the server.

CWE-1336 OWASP A3:2021

2mo ago security advanced 9.8

Diagram: SQL Injection

SQL Injection PHP 5.1+

Unsanitised user input inserted directly into a SQL query, letting attackers read, modify, or delete database data.

CWE-89 OWASP A3:2021

2mo ago security intermediate 9.8

✓ schema.org compliant