| A1 Injection
|
ANDROID.LIFECYCLE.SV.GETEXTRA
SV.DATA.BOUND
SV.DATA.DB
SV.EXEC
SV.PATH.INJ
SV.SQL
SV.SQL.DBSOURCE
|
| A2 Broken Authentication and Session Management
|
SV.EXEC.DIR
SV.EXEC.ENV
SV.LDAP
SV.TMPFILE
|
| A3 Cross-Site Scripting (XSS)
|
SV.XSS.DB
SV.XSS.REF
|
| A4 Insecure Direct Object References
|
SV.PATH
|
| A5 Security Misconfiguration
|
ECC.EMPTY
EXC.BROADTHROWS
JD.CATCH
JD.FINRET
JD.UNCAUGHT
SV.IL.DEV
SV.IL.FILE
UMC.SYSERR
UMC.SYSOUT
|
| A6 Sensitive Data Exposure
|
SV.PASSWD.HC
SV.PASSWD.HC.EMPTY
SV.PASSWD.PLAIN
SV.RANDOM
SV.SENSITIVE.DATA
SV.SENSITIVE.OBJ
|
| A8 Cross-Site Request Forgery (CSRF)
|
SV.CSRF.GET
SV.CSRF.ORIGIN
SV.CSRF.TOKEN
|
| A10 Unvalidated Redirects and Forwards
|
SV.EMAIL
SV.HTTP_SPLIT
SV.LOG_FORGING
SV.TAINT
SV.TAINT_NATIVE
SV.XPATH
|