❑ Code injection attack : It is attack that misuses the system by inserting exploit code.
❑ Type of code injection
Type | Synopsis | Learn more |
SQL injection | The injection using SQL query. | ㆍ |
XSS(Cross Site Scripting) | The injection using HTML script. | ㆍ |
Command injection (=Sell injection) | The injection using Shell command. | Link |
CSV injection (=Formula injection) | The injection using CSV file. | ㆍ |
Custom special character injection | The injection using special charater/reserved word.
* Signal etc.
| ㆍ |
Function injection | The injection using function name. | ㆍ |
Log injection | The injection using log file. | ㆍ |
Resource injection | The Injection using resource identifier.
* IP address, port number, file name etc.
| ㆍ |
SSI(Server-Side Includes) injection | The injection using SSI on a web application. | ㆍ |
XPATH injection | The injection using XPath query. | ㆍ |
XXE(XML External Entity) injection | The injection using XML external entity. | ㆍ |
XML Cross Site Scripting | The injection using XML tag on XML file. | ㆍ |
LDAP injection | The injection using LDAP query. | ㆍ |