List of 41 Frequently Occurring Web Application Vulnerabilities

Gokul
2 min read · Feb 7, 2023


These are all considerably more crucial vulnerabilities and are commonly targeted in bug bounty programmes. Just add them to your list and gather more information from external resources such as Google and YouTube.

A look at each one:

1. Broken access control

2. Broken authentication

3. Carriage Return and Line Feed (CRLF) Injection

4. Cipher transformation insecure

5. Components with known vulnerabilities

6. Cross-Origin Resource Sharing (CORS) Policy

7. Credentials management

8. Cross-site request forgery (CSRF)

9. Cross-site scripting (XSS)

10. Directory indexing

11. Directory traversal

12. Encapsulation

13. Error handling

14. Failure to restrict URL access

15. HTTP response splitting

16. HTTP verb tampering

17. Improper certificate validation

18. Injection flaw

19. Insecure cryptographic storage

20. Insecure de-serialization

21. Insecure digest

22. Insecure direct object references (IDOR)

23. Insufficient logging and monitoring

24. Insufficient session expiration

25. Insufficient transport layer protection

26. Lightweight Directory Access Protocol (LDAP) injection

27. Malicious code

28. Missing function level access control

29. Missing PT_DENY_ATTACH

30. Operating System (OS) command injection

31. Race condition

32. Remote code execution (RCE)

33. Remote file inclusion (RFI)

34. Security misconfiguration

35. Sensitive data exposure

36. Session ID leakage

37. SQL Injection

38. Unrestricted File Upload

39. Unvalidated automatic library activation

40. Unvalidated redirects and forwards

41. XML External Entities (XXE)

I’ll provide a lot more information about web application penetration testing in the future. I promise you, I will cover the above topics in future posts.

I appreciate you reading this. I hope this post provided you with some knowledge. Gain knowledge through the medium.

Written by Gokul

Cybersecurity Enthusiast | Smart India Hackathon |TN Police Hackathon Finalist | Linux | WebApp Penetration Tester | CCNA |Intern At Coimbatore CyberCrime Dept