Breach security has released their annual web-hacking statistics for 2007, the most used attacks/vulnerabilities were:
#1 SQl injections 20%
#2 unintentional information disclosure 17%
#3 known vulnerabilities 15%
#4 cross site scripting 12%
#5 insufficient access control 10%
#6 credential/session prediction 8%
#7 OS commanding 3%
#8 misconfiguration 3%
#9 insufficient anti-automation 3%
#10 denial of service 3%
#11 redirection 2%
#12 insufficient session expiration 2%
#13 cross site request forgery 2%
the full report is available here.
web-hacking incident statistics 2007
- jasonxxx102
- Fame ! Where are the chicks?!
- Posts: 176
- Joined: 04 Feb 2008, 17:00
- 16
- Contact: