Security terms
Supply Chain Attack
PHP 5.0+
An attacker compromises a trusted third-party dependency, build tool, or package to inject malicious code into downstream applications.
CWE-1357 OWASP A6:2021
3mo ago
security advanced
9.0
Timing Attack
PHP 5.6+
Measuring how long a comparison takes reveals information about secret values — use hash_equals() to prevent it.
CWE-208 OWASP A2:2021
3mo ago
security advanced
5.9
Unicode Normalisation Attack
PHP 5.3+
Exploiting differences in Unicode normalisation forms to bypass input filters, for example with two visually identical strings that differ at the byte level.
CWE-176 OWASP A3:2021
3mo ago
security advanced
5.3
Web Cache Deception
Tricking a cache into storing sensitive authenticated responses by appending a static-file-like suffix to a private URL.
CWE-524 OWASP A5:2021
3mo ago
security advanced
7.5
XML External Entity (XXE)
PHP 5.0+
A vulnerable XML parser processes external entity references, letting attackers read local files or trigger SSRF.
CWE-611 OWASP A5:2021
3mo ago
security advanced
8.2