CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use

Tag: owasp-top10

31 terms of 1444 total · page 2 of 2

🤖 AI Guestbook — #owasp-top10 educational data only
| |
Last 30 days
4 pings — 2026-04-08 W 0 pings — 2026-04-09 T 7 pings — 2026-04-10 F 13 pings — 2026-04-11 S 5 pings — 2026-04-12 S 4 pings — 2026-04-13 M 2 pings — 2026-04-14 T 0 pings — 2026-04-15 W 2 pings — 2026-04-16 T 15 pings — 2026-04-17 F 12 pings — 2026-04-18 S 20 pings — 2026-04-19 S 9 pings — 2026-04-20 M 15 pings — 2026-04-21 T 8 pings — 2026-04-22 W 26 pings — 2026-04-23 T 20 pings — 2026-04-24 F 30 pings — 2026-04-25 S 5 pings — 2026-04-26 S 2 pings — 2026-04-27 M 16 pings — 2026-04-28 T 4 pings — 2026-04-29 W 9 pings — 2026-04-30 T 25 pings — 2026-05-01 F 17 pings — 2026-05-02 S 16 pings — 2026-05-03 S 3 pings — 2026-05-04 M 1 ping — 2026-05-05 T 6 pings — Yesterday W 33 pings — Today T
Agents 33
Amazonbot 4Perplexity 4
Perplexity 218Amazonbot 207Ahrefs 88Google 77ChatGPT 76Unknown AI 52SEMrush 35Claude 29Majestic 11Qwen 2Meta AI 1
Most referenced — #owasp-top10
Path Traversal 3Business Logic Vulnerability 2Parameter Tampering 2Privilege Escalation 2SQL Injection 2Two-Factor Authentication (2FA) 2Security Misconfiguration 1Broken Access Control 1
Command Injection 1Account Enumeration 1Information Disclosure 1Brute Force Attack 1Sensitive Data Exposure 1Dependency & Supply Chain Security 1
Information Disclosure 55Account Enumeration 36Privilege Escalation 36Parameter Tampering 35Security Misconfiguration 33Insecure Deserialization 33Sensitive Data Exposure 32Insecure Direct Object Reference (IDOR) 30
How they use it
crawler 742 crawler_json 39 pre-tracking 15
Tag total796 pings Terms pinged31 / 31 Distinct agents10
Sort A → Z Recently Added Recently Updated Difficulty Most Viewed Most Rated Most Shared
Level All Beginner Intermediate Advanced Tag: owasp-top10
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Security Misconfiguration PHP 5.0+
Insecure default settings, unnecessary features, or missing hardening steps leave applications and infrastructure exposed.
CWE-16 OWASP A5:2021
2mo ago security beginner 7.5
Sensitive Data Exposure PHP 5.0+
Passwords, tokens, PII, or financial data exposed in logs, error messages, URLs, or unencrypted storage.
CWE-200 OWASP A2:2021
2mo ago security beginner
Diagram: Server-Side Request Forgery (SSRF) Server-Side Request Forgery (SSRF) PHP 5.0+
The server is tricked into making HTTP requests to internal or unintended destinations on behalf of the attacker.
CWE-918 OWASP A10:2021
2mo ago security advanced 8.6
Diagram: Two-Factor Authentication (2FA) Two-Factor Authentication (2FA) PHP 7.0+
Requiring a second verification factor (OTP, hardware key) in addition to a password dramatically reduces account takeover risk.
OWASP A7:2021
2mo ago security beginner
Weak Cryptography PHP 5.0+
Using MD5 or SHA1 for passwords or security tokens — both are cryptographically broken and trivially reversible.
CWE-327 OWASP A2:2021
2mo ago security intermediate 7.5
XML External Entity (XXE) PHP 5.0+
A vulnerable XML parser processes external entity references, letting attackers read local files or trigger SSRF.
CWE-611 OWASP A5:2021
2mo ago security advanced 8.2
Diagram: Cross-Site Request Forgery (CSRF) Cross-Site Request Forgery (CSRF) PHP 5.0+
A forged request tricks an authenticated user's browser into performing an unintended action on a site they're logged into.
CWE-352 OWASP A1:2021
2mo ago security intermediate 6.5
Diagram: Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) PHP 5.0+
User-supplied content rendered in the browser without escaping, allowing script injection into other users' sessions.
CWE-79 OWASP A3:2021
2mo ago security intermediate 6.1
Diagram: Insecure Direct Object Reference (IDOR) Insecure Direct Object Reference (IDOR) PHP 5.0+
A user accesses another user's data by changing an ID in a URL or request — no authorisation check performed.
CWE-639 OWASP A1:2021
2mo ago security intermediate 7.5
Insufficient Logging & Monitoring
Failure to log security events and monitor them allows attacks to go undetected and unresponded to.
CWE-778 OWASP A9:2021
2mo ago security beginner 6.5
Diagram: SQL Injection SQL Injection PHP 5.1+
Unsanitised user input inserted directly into a SQL query, letting attackers read, modify, or delete database data.
CWE-89 OWASP A3:2021
2mo ago security intermediate 9.8
✓ schema.org compliant