This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Direct Dynamic Code Evaluation ('Eval Injection')"
From OWASP
Weilin Zhong (talk | contribs) |
Weilin Zhong (talk | contribs) |
||
Line 20: | Line 20: | ||
[[Category:Vulnerability]] | [[Category:Vulnerability]] | ||
− | [[Category: | + | [[Category:Input Validation Vulnerability]] |
[[Category:Attack]] | [[Category:Attack]] |
Revision as of 19:40, 12 June 2006
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
- This is an Attack. To view all attacks, please see the Attack Category page.
This vulnerabilty can be exploited by code injection attacks and should be fixed using appropriate input validation on user input.
This vulnerability is so specific so the attack that is used to exploit this vulnerability, "Eval Injection", is described in the same page.
Related Attacks
Related Countermeasures
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.