4. A1: InjectionA1: Injection
A2: Broken
Authentication
and Session
Management
A2: Broken
Authentication
and Session
Management
A3: Cross-Site
Scripting
(XSS)
A3: Cross-Site
Scripting
(XSS)
A4: Insecure
Direct Object
References
A4: Insecure
Direct Object
References
A5: Security
Misconfigurati
on
A5: Security
Misconfigurati
on
A6: Sensitive
Data Exposure
A6: Sensitive
Data Exposure
A7: Missing
Function Level
Access
Control
A7: Missing
Function Level
Access
Control
A8: Cross Site
Request
Forgery
(CSRF)
A8: Cross Site
Request
Forgery
(CSRF)
A9: Using
Known
Vulnerable
Components
A9: Using
Known
Vulnerable
Components
A10:
Unvalidated
Redirects and
Forwards
A10:
Unvalidated
Redirects and
Forwards
12. Fatal errors :
● Fatal error occurred due to attacker activity, which needs to be taken seriously and must be fixed and
analyzed for the cause.
● _id: Pg4VZGcBuP6iW0-4fR9s timestamp: 2018-11-30T09:48:20Zip:
178.62.85.75:28990level: error php-level: Fatal error php-msg: Uncaught
exception 'Exception' with message 'Error: You have an error in your SQL
syntax; check the manual that corresponds to your MySQL server version for
the right syntax to use near '' AND cp2c.commission < -9' ORDER BY
c.firstname asc' at line 1<br />Error No: 1064<br />SELECT cp2c.customer_id
as customer_id,cp2c.commission,c.firstname,c.lastname FROM
oc_customerpartner_to_customer cp2c LEFT JOIN oc_customer c ON
cp2c.customer_id = c.customer_id WHERE 1 AND LCASE(CONCAT(c.firstname, ' ',
c.lastname)) LIKE '%-9'%' AND cp2c.commission > -9' AND cp2c.commission <
-9' ORDER BY c.firstname asc ' in
/home/ocseller/www/system/library/db/mysqli.php:40nStack