====== A Catalog of Security Vulnerabilities ======

Vulnerabilities are bad security smells.

[[security:functions:catalog|Security sensitive functinos]] are those PHP functions that are targets of various [[security:attack:catalog|security attacks]].

===== Informational Vulnerabilities =====

  * [[common_file_name|Common File Name Vulnerability]] - Using common file names makes your application an easier target for cgi scanners.
  * [[revealing_source_code|Revealed Source Code Vulnerability]] - The ability to see application source code can reveal sensitive information or reveal additional insecurities.
  * [[revealing_error_message|Revealing Error Message Vulnerability]] - Showing error message details can reveal targets for attack.
  * [[data_in_web_root|Sensitive Data in Web Root Vulnerability]] - Private files kept in the public Document Root directory can easily become public files.
  * [[session_files_on_shared_server|Session File Vulnerability]] - Sensitive data may be extracted from session files.
  * [[sensitive_data_in_globally_readable_file|Sensitive Data in Globally Readable File Vulnerability]] - private information such as database passwords in shared environment.
  * [[html_comments|Revealing HTML Comment Vulnerability]] - Information contained in HTML comments may reveal internal application details.
  * [[web_application_fingerprint|Web Application Fingerprint Vulnerability]] - An application specific fingerprint that makes scanning for the application easier.
  * [[php_fingerprint|PHP Fingerprint Vulnerability]] - Discovering that an application is written in PHP can suggest specific attacks to use against that application.
  * [[packet_sniffing|Packet Sniffing Vulnerability]] - Using the standard HTTP protocol, communication between the client browser and the web server can be "listened in on", allowing passwords to be captured and so on.

===== Attack Vulnerabilities =====

  * [[global_variable|Global Variable Vulnerability]] - Uninitialized global variables may be vulnerable to being overwritten.
  * [[default_password|Default Password Vulnerability]] - Default passwords may be well known
  * [[online_backup|Online Backup Vulnerability]] - older software versions or backup files available in the web root may be more exploitable.

===== Additional Information =====

  * See [[security:attack:catalog|security attacks catalog]].
  * See [[security:web_application_security|web application security]].