• Password Compromised – same as brute force, or username/password hard-coded in code
• SQL Injection - attacker uses poorly designed input validation routines to create or alter SQL commands to gain access to unintended data or execute commands.Access with Elevated Privileges – incorrect configuration leads to access with higher-than-expected privileges
No comments:
Post a Comment