In this section, we will discuss various security vulnerabilities that allow an attacker to perform file upload, code execution, and file inclusion attacks on a web server.
In the sections that follow, we will cover the fundamentals of these topics:
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Structured Query Language injection (SQLi)
- Insecure deserialization
- Common misconfigurations
- Vulnerable components
- Insecure direct object reference
Let's dive in!