XML Bombs An XML bomb is a small but dangerous message that is composed and sent with the intent of overwhelming the program that parses XML files. XML External Entity An XML External Entity (XXE) attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. XML Injection XML Injection is an attack technique used to manipulate or compromise the logic of an XML application or service. XPath Injection XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents. XQuery Injection XQuery Injection uses improperly validated data that is passed to XQuery commands. This in turn will execute commands on behalf of the attacker that the XQuery routines have access to. Zero-day Attack A zero-day attack (also referred to as Day Zero) is an attack that exploits a potentially serious hardware, firmware, or software security weakness that the vendor or developer may be unaware of. Previous ... 13 14 15 16 17 18 Next 16 17 18
XML Bombs An XML bomb is a small but dangerous message that is composed and sent with the intent of overwhelming the program that parses XML files.
XML External Entity An XML External Entity (XXE) attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser.
XML Injection XML Injection is an attack technique used to manipulate or compromise the logic of an XML application or service.
XPath Injection XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents.
XQuery Injection XQuery Injection uses improperly validated data that is passed to XQuery commands. This in turn will execute commands on behalf of the attacker that the XQuery routines have access to.
Zero-day Attack A zero-day attack (also referred to as Day Zero) is an attack that exploits a potentially serious hardware, firmware, or software security weakness that the vendor or developer may be unaware of.