| 100000001 |
XSS |
HTML Tag Injection - script |
All Systems |
Signature |
200000097 |
|
|
|
|
|
Signature |
200001088 |
|
|
|
|
|
Signature |
200000099 |
| 100000002 |
XSS |
HTML Attribute Injection - onmouseover |
All Systems |
Signature |
200101163 |
|
|
|
|
|
Signature |
200101162 |
|
|
|
|
|
Signature |
200101164 |
| 100000003 |
XSS |
HTML Attribute Injection - onmouseover |
All Systems |
Signature |
200001406 |
|
|
|
|
|
Signature |
200001405 |
|
|
|
|
|
Signature |
200001404 |
| 100000004 |
SQL Injection |
SQL-Injection - integer field UNION |
General Database |
Signature |
200002554 |
|
|
|
|
|
Signature |
200002611 |
|
|
|
|
|
Signature |
200002495 |
| 100000005 |
SQL Injection |
Blind SQL-Injection |
General Database |
Signature |
200002546 |
|
|
|
|
|
Signature |
200002045 |
|
|
|
|
|
Signature |
200001404 |
| 100000006 |
SQL Injection |
Authentication Bypass SQL Injection |
General Database |
Signature |
200002836 |
|
|
|
|
|
Signature |
200002835 |
|
|
|
|
|
Signature |
200002837 |
| 100000007 |
NoSQL Injection |
MongoDB Injection - db.getCollectionNames() |
MongoDB |
Signature |
200002784 |
|
|
|
|
|
Signature |
200002783 |
|
|
|
|
|
Signature |
200002785 |
| 100000008 |
Command Execution |
Linux Command Execution - uname() |
Unix/Linux |
Signature |
200003412 |
|
|
|
|
|
Signature |
200003921 |
|
|
|
|
|
Signature |
200100315 |
| 100000009 |
Command Execution |
Windows Command Exeuction - powershell |
Microsoft Windows |
Signature |
200003574 |
|
|
|
|
|
Signature |
200003573 |
|
|
|
|
|
Signature |
200003575 |
| 100000010 |
Path Traversal |
Path Traversal |
All Systems |
Signature |
200003055 |
|
|
|
|
|
Signature |
200003054 |
| 100000011 |
Predictable Resource Location |
Predictable Resource Location |
All Systems |
Signature |
200001404 |
| 100000012 |
HTTP Protocol Compliance |
Null in request |
All Systems |
Violation |
HTTP protocol compliance - Null in request |
| 100000013 |
Detection Evasion |
Alternative Datastream Access |
Microsoft Windows |
Signature |
200001404 |
| 100000014 |
Insecure Deserialization |
Insecure Deserialization - node.js |
node.js |
Signature |
200004283 |
|
|
|
|
|
Signature |
200004282 |
|
|
|
|
|
Signature |
200004284 |
| 100000015 |
Insecure Deserialization |
Insecure Deserialization - PHP |
PHP |
Signature |
200004189 |
|
|
|
|
|
Signature |
200004188 |
|
|
|
|
|
Signature |
200004190 |
| 100000016 |
Information Leakage |
Illegal Method TRACE |
All systems |
Violation |
Illegal Method |
| 100000017 |
JSON Parser Attack |
Malformed JSON |
All systems |
Violation |
Malformed JSON data |
| 100000018 |
XML Parser Attack |
Malformed XML |
All systems |
Violation |
Malformed XML data |
| 100000019 |
HTTP Parser Attack |
Cookie not RFC-compliant |
All systems |
Violation |
Cookies - not RFC-compliant |
| 100000020 |
HTTP Parser Attack |
Cookie not RFC-compliant |
All systems |
Violation |
Cookies - not RFC-compliant |
| 100000021 |
HTTP Parser Attack |
Wrong HTTP Protocol Version |
All systems |
Violation |
HTTP protocol compliance failed |
| 100000022 |
HTTP Request Smuggling |
HTTP Desync Attack Attempt |
All systems |
Signature |
200018061 |
| 100000023 |
Server Side Request Forgery |
SSRF attempt (AWS Metadata Server) |
All systems |
Signature |
200018040 |
| 100000024 |
Server Side Request Forgery |
SSRF attempt - Local network IP range 10.x.x.x |
All systems |
Signature |
200020201 |