Q
Detector Library
Ruby detectors (21/21)
SQL InjectionDivide by ZeroSensitive HTTP ActionInsufficient Protected CredentialsSensitive Information LeakUntrusted DeserializationLog InjectionXML External EntityPath InjectionHttp to File AccessCode InjectionOS Command InjectionResource leakCross Site Scripting (XSS)Untrusted OpenImproper Input ValidationStack Trace ExposureImproper Certificate Validationsend_file InjectionUnsafe File PermissionsTainted Format
Tag: owasp-top10
XML External Entity
Objects that parse or handle XML can lead to XML External Entity (XXE) attacks when misconfigured.
Code Injection
User input is used in eval command.
Improper Certificate Validation
Lack of validation of a security certificate can lead to host impersonation and sensitive data leaks.