Sensitive Data Exposure or Information Disclosure is a vulnerability that allows an attacker to gather internal information such as software and versions in use, that will allow him to prepare a focused attack, commit identity theft and impersonate other users of a website.
owasp top 10
SQL Injection – Explained
The number 1 threat according to the owasp top 10 list are injections. Among them is the SQL Injection.
An SQL Injection abuses bad sanitation to inject malicious SQL code into a web server or web application.
Cross Site Scripting (XSS) – Explained