- Not sanitizing user input, e.g. facilitating SQL injection and XSS.
- Paths in variables.
- Not exiting code on a redirect.
- Not checking uploaded content and null bytes.
- Not protecting juicy files.
- Storing passwords verbatim in a database.
- Leaving around juicy information.
Found during audits of customers' software.