Common Weakness Enumeration
969 software weaknesses with code examples, prevention checklists and Plexicus auto-fix patterns. Built for engineers who want answers, not theory.
The CWEs developers hit most
Start here — these are the weaknesses our SAST flags 80% of the time on real codebases.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
This vulnerability occurs when a web application fails to properly sanitize or encode user-supplied input before…
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection occurs when an application builds a database query using untrusted user input without properly…
CWE-20 Improper Input Validation
This vulnerability occurs when an application accepts data from an external source but fails to properly verify that…
CWE-125 Out-of-bounds Read
An out-of-bounds read occurs when software accesses memory outside the boundaries of a buffer, array, or similar data…
CWE-787 Out-of-bounds Write
This vulnerability occurs when software incorrectly writes data outside the boundaries of its allocated memory buffer,…
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
OS Command Injection occurs when an application builds a system command using untrusted, external input without…
CWE-352 Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) happens when a web application cannot reliably tell if a user actually intended to…
CWE-434 Unrestricted Upload of File with Dangerous Type
This vulnerability occurs when an application accepts file uploads without properly restricting the file types,…
Stop paying per developer.
Start closing the loop.
Plexicus is the AI-native ASPM that scans, filters, fixes, pentests and explains, autonomously. Unlimited developers, unlimited repositories, fair-use AI actions. A real free tier, €269/mo billed annually when you're ready.