Fortify Audit Workbench 筆記索引
- Password Management: Password in Configuration File(明文存儲密碼)
//www.cnblogs.com/mahongbiao/p/12496042.html - Command Injection(命令注入)
//www.cnblogs.com/mahongbiao/p/12494308.html - Unreleased Resource: Database 未釋放資源:資料庫
//www.cnblogs.com/mahongbiao/p/12494278.html - SQL Injection SQL注入
//www.cnblogs.com/mahongbiao/p/12494234.html - Path Manipulation 路徑篡改
//www.cnblogs.com/mahongbiao/p/12494108.html - Header Manipulation HTTP請求頭篡改
//www.cnblogs.com/mahongbiao/p/12494057.html - Dynamic Code Evaluation: Code Injection 動態程式碼執行:程式碼注入
//www.cnblogs.com/mahongbiao/p/12493998.html - Cross-Site Scripting: Persistent XSS
//www.cnblogs.com/mahongbiao/p/12493915.html - Cookie Security: Cookie not Sent Over SSL Cookie未使用SSL加密
//www.cnblogs.com/mahongbiao/p/12493365.html - Access Control: Database 資料庫訪問控制
//www.cnblogs.com/mahongbiao/p/12493343.html - File Disclosure: Spring 文件泄露(Spring框架)
//www.cnblogs.com/mahongbiao/p/12862858.html - Privacy Violation 隱私泄露
//www.cnblogs.com/mahongbiao/p/12862884.html - Privacy Violation: Heap Inspection 隱私泄露(堆檢查)
//www.cnblogs.com/mahongbiao/p/12862885.html - Race Condition: Singleton Member Field 競爭條件:單例的成員欄位
//www.cnblogs.com/mahongbiao/p/12862899.html
