-
[[SQL injection]] : Attack where a user input is not correctly filtered and is used to alter a SQL query or even execute other custom queries. http://en.wikipedia.org/wiki/SQL_injection
-
[[Cross Site Scripting]] XSS : Script that is being executed on a victim browser, and exploit a flawn of a given site to escape user input correctly.
http://en.wikipedia.org/wiki/Cross-site_scripting -
[[Buffer overflow]] : When an application don't have enough memory to write its data, the system behave in a un predicable way, and can give possibility to special attack
-
File system vulnerability : Wrong settings of the file system, where you allow user to upload files, change permission...