Skip to content

Road map

Jump to bottom
Kohei Tamura edited this page Sep 12, 2017 · 35 revisions

  • EasyBuggy 1.3.5 (2017 Summer released)

    • Unrestricted Upload
      • Upload File Execution
      • File Space Denial of Service
    • Unrestricted login page
      • Open Redirect
      • Brute-force Attack
    • OGNL Expression Injection
    • Mail Header Injection
    • Null Byte Injection
    • Cross-Site Request Forgery
    • Directory Traversal
    • Unintended File Disclosure
    • Clickjacking
    • XXE: XML External Entity
    • XEE: Xml Entity Expansion
    • Session Fixation

  • EasyBuggy 1.4.0 (2017 Fall)

    • Replay Attack
    • CSS injection
    • Content-Type Sniffing
    • Session Hijacking
    • HTTP Header Injection
    • HTTP Response Splitting
    • HTTP Parameter Pollution

  • EasyBuggy 2.0.0 (2017 Winter)

    • False Sharing
    • Classloader Leak
    • Stop the World
    • Humongous Allocation Failure
    • JVM Crash (SIGSEGV)
    • JVM Crash (EXCEPTION_ACCESS_VIOLATION)
    • JVM Crash (EXCEPTION_STACK_OVERFLOW)
    • Infinite Recursion SQL
    • Insufficient OAuth 2.0 / OpenID Connect implementation
    • Cross-Site WebSocket Hijacking
Clone this wiki locally