Reliance on Untrusted Inputs in a Security Decision
Missing Encryption for Sensitive Data
Use of a Broken or Risky Cryptographic Algorithm
Use of a One-Way Hash without a Salt
Download of Code Without Integrity Check
URL Redirection to Untrusted Site ('Open Redirect')
Cross-Site Request Forgery
XML External Entity
Unrestricted Upload of File with Dangerous Type
OS Command Injection
Uncontrolled Format String
Welcome to Insecure Inc.
This is a training site. You are authorized to complete the training challenges. You are
authorized to conduct any disruptive testing or intentionally tamper with the contents of this site.