Difference between revisions of "Editing:Top 10 2007"
(→Content Pages) |
|||
Line 10: | Line 10: | ||
==Content Pages== | ==Content Pages== | ||
{|- border="1" cellpadding="2"|colspan="2" | {|- border="1" cellpadding="2"|colspan="2" | ||
− | ! | + | !style="background:#FFFF99"|Page Link |
− | ! | + | !style="background:#FFFF99"|Edit Link |
− | + | !style="background:#FFFF99"|Contents of Page | |
|- | |- | ||
|[[Top_10_2007]] | |[[Top_10_2007]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007&action=submit edit] | ||
|The main page. | |The main page. | ||
|- | |- | ||
|[[Top 10 2007-Summary]] | |[[Top 10 2007-Summary]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-Summary&action=submit edit] | ||
|The summary section. | |The summary section. | ||
|- | |- | ||
|[[Top 10 2007-Methodology]] | |[[Top 10 2007-Methodology]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-Methodology&action=submit edit] | ||
|The methodology section. | |The methodology section. | ||
|- | |- | ||
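Review bot: The added Edit Link cells hardcode the absolute host and use action=submit, for example `[https://www.owasp.org/index.php?title=Top_10_2007&action=submit edit]`. action=submit is the target the edit form posts to; the conventional link to the edit form is action=edit, and building it with `{{fullurl:Top_10_2007|action=edit}}` would keep the links working if the wiki's host or script path changes. The same applies to every Edit Link row added in this revision.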
Line 26: | Line 29: | ||
[[Top 10 2007-A1]]<br> | [[Top 10 2007-A1]]<br> | ||
[[Top 10 2007-XSS]] | [[Top 10 2007-XSS]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A1&action=submit edit] | ||
|A1: XSS vulnerability | |A1: XSS vulnerability | ||
|- | |- | ||
|[[Top 10 2007-Injection Flaws]]<br> | |[[Top 10 2007-Injection Flaws]]<br> | ||
[[Top 10 2007-A2]] | [[Top 10 2007-A2]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A2&action=submit edit] | ||
|A2: Injection Flaws | |A2: Injection Flaws | ||
|- | |- | ||
|[[Top 10 2007-Malicious File Execution]]<br> | |[[Top 10 2007-Malicious File Execution]]<br> | ||
[[Top 10 2007-A3]] | [[Top 10 2007-A3]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A3&action=submit edit] | ||
|A3: Malicious File Execution | |A3: Malicious File Execution | ||
|- | |- | ||
|[[Top 10 2007-Insecure Direct Object Reference]]<br> | |[[Top 10 2007-Insecure Direct Object Reference]]<br> | ||
[[Top 10 2007-A4]] | [[Top 10 2007-A4]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A4&action=submit edit] | ||
|A4: Insecure Direct Object Reference | |A4: Insecure Direct Object Reference | ||
|- | |- | ||
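Review bot: In the A1 to A4 rows each Page Link cell lists two titles, but the added edit link always targets the short one (title=Top_10_2007-A1 and so on). If the short titles are redirects, the link opens the redirect page for editing rather than the content; point each link at the title that holds the text, or say in the Contents of Page column which title is the redirect.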
Line 43: | Line 50: | ||
[[Top 10 2007-A5]] | [[Top 10 2007-A5]] | ||
[[Top 10 2007-CSRF]] | [[Top 10 2007-CSRF]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A5&action=submit edit] | ||
|A5: Cross Site Request Forgery | |A5: Cross Site Request Forgery | ||
|- | |- | ||
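Review bot: The context line `[[Top 10 2007-A5]]` directly above the added A5 edit link has no trailing `<br>`, unlike the alias lines in the other rows, so it and `[[Top 10 2007-CSRF]]` run together on one line in the rendered cell. Since this row is being touched anyway, add the `<br>`.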
Line 49: | Line 57: | ||
[[Top 10 2007-Information Leakage]]<br> | [[Top 10 2007-Information Leakage]]<br> | ||
[[Top 10 2007-A6]] | [[Top 10 2007-A6]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A6&action=submit edit] | ||
|A6: Information Leakage and Improper Error Handling | |A6: Information Leakage and Improper Error Handling | ||
|- | |- | ||
Line 55: | Line 64: | ||
[[Top 10 2007-Session Management]]<br> | [[Top 10 2007-Session Management]]<br> | ||
[[Top 10 2007-A7]] | [[Top 10 2007-A7]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A7&action=submit edit] | ||
|A7: Broken Authentication and Session Management | |A7: Broken Authentication and Session Management | ||
|- | |- | ||
|[[Top 10 2007-Insecure Cryptographic Storage]]<br> | |[[Top 10 2007-Insecure Cryptographic Storage]]<br> | ||
[[Top 10 2007-A8]] | [[Top 10 2007-A8]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A8&action=submit edit] | ||
|A8: Insecure Cryptographic Storage | |A8: Insecure Cryptographic Storage | ||
|- | |- | ||
|[[Top 10 2007-Insecure Communications]]<br> | |[[Top 10 2007-Insecure Communications]]<br> | ||
[[Top 10 2007-A9]] | [[Top 10 2007-A9]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A9&action=submit edit] | ||
|A9: Insecure Communications | |A9: Insecure Communications | ||
|- | |- | ||
|[[Top 10 2007-Failure to Restrict URL Access]]<br> | |[[Top 10 2007-Failure to Restrict URL Access]]<br> | ||
[[Top 10 2007-A10]] | [[Top 10 2007-A10]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-A10&action=submit edit] | ||
|A10: Failure to Restrict URL Access | |A10: Failure to Restrict URL Access | ||
|- | |- | ||
|[[Top 10 2007-Where to Go From Here]] | |[[Top 10 2007-Where to Go From Here]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-Where_to_Go_From_Here&action=submit edit] | ||
|Where to Go From Here | |Where to Go From Here | ||
|- | |- | ||
|[[Top 10 2007-References]] | |[[Top 10 2007-References]] | ||
+ | |[https://www.owasp.org/index.php?title=Top_10_2007-References&action=submit edit] | ||
|References | |References | ||
|} | |} |
Revision as of 23:42, 13 May 2007
Introduction
This page is intended as an aid to editors of the 2007 Top 10 Vulnerabilities list.
Please help this page grow.
Content Pages
Markup Used
Markup or Style | When used |
---|---|
= | H1 - Never used in top 10 |
== | H2 - used as main headers within a page. Will appear in TOC if one is included. |
=== | H3 - used as second-level headers within a page. Will not appear in TOC by default. |
&lt; and &gt; | Used instead of < and > when used as strings as compared to HTML tags. Sometimes the Wiki allows < and > to go through without using the escapes but sometimes it does bad things. For example "<b>" '''BOLD''' notbold actually produces "" BOLD notbold. Probably not what you want. |
__NOTOC__ | Prevents default display of TOC which happens as soon as there is a total of four or more H1 (shouldn't be used) or H2 headers. |
__TOC__ | Forces creation of a TOC at that point - even if a TOC would otherwise have not been generated. |
“ and ” | Used as “double quote characters” where needed. |
‘ and ’ | Used as ‘single quote characters’ where needed. |
<code> and </code> | Used to delineate code (fixed-width font, slightly gray background). |
Template Pages
Page Link | Contents of Page |
---|---|
Template:Top_10_2007:TopTemplate | Template to produce the top of the page. |
Template:Top_10_2007:BottomTemplate | Template to produce the bottom of the page. |
Template:PrevLink | Template to produce link to previous page in Template:Top_10_2007:TopTemplate and Template:Top_10_2007:BottomTemplate. |
Template:MainLink | Template to produce link to the Top_10_2007 main page in Template:Top_10_2007:TopTemplate and Template:Top_10_2007:BottomTemplate. |
Template:Nothing | Template that produces nothing. It is used by Template:Top_10_2007:TopTemplate and Template:Top_10_2007:BottomTemplate to produce nothing. For example, Top 10 2007 has no previous nor main link so the Nothing template is called instead. |
Template:FIXUP | Template that produces FIXUP notes. The template takes two arguments. The first is a name identifying the user (could be full name, username, initials, it is simply for identification) who added the FIXUP tag. The second is a comment about what needs to be fixed up. For example, {{FIXUP|Neil Smithline|Demo of FIXUP}} produces FIXUP: {{{1}}}: {{{2}}}. |
General Wiki Help
See Help:Contents.
About Templates
Before doing anything with the templates I strongly suggest you have familiarity with Wikipedia's Template Help and Wikipedia's Advanced Templates Help.