CodeClarityLab / Glossary
Ctrl K
← Home ← Codex ← DEBT
Browse by Category
+ added · updated 7d
⚖ Terms of Use ✉ Contact

Intermediate terms

3 terms of 1487 total

Sort A → Z Recently Added Recently Updated Difficulty Most Viewed Most Rated Most Shared
Level All Beginner Intermediate Advanced
✕ Clear A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
XML Entity Expansion (Billion Laughs / XXE) PHP 5.0+
Denial-of-service via exponentially nested XML entities (Billion Laughs) or SSRF/file-read via external entity references (XXE).
CWE-611 OWASP A5:2021
3mo ago security intermediate 9.1
XML Injection PHP 5.0+ 🧠 1
Unsanitised user input injected into XML documents alters their structure, potentially corrupting data or enabling further attacks.
CWE-91 OWASP A3:2021
3mo ago security intermediate 7.5
XPath Injection PHP 5.0+
Unsanitised input manipulates XPath queries against XML documents, enabling data extraction or authentication bypass.
CWE-643 OWASP A3:2021
3mo ago security intermediate 7.5
✓ schema.org compliant