Validating input in perl Couples cybersex cam to cam
The user has no control over the price variable, however the code does not prevent a negative value from being specified for quantity.
If an attacker were to provide a negative value, then the user would have their account credited instead of debited.
In addition, relationships such as Peer Of and Can Also Be are defined to show similar weaknesses that the user may want to explore.
Base - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention.
Languages The table below specifies different individual consequences associated with the weakness.
The Scope identifies the application security area that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in exploiting this weakness.
The Phase identifies a point in the software life cycle at which introduction may occur, while the Note provides a typical scenario related to introduction during the given phase.
These relationships are defined as Child Of, Parent Of, Member Of and give insight to similar items that may exist at higher and lower levels of abstraction.
Example 4This function attempts to extract a pair of numbers from a user-supplied only the m variable will be initialized.
Subsequent use of n may result in the use of an uninitialized variable (CWE-457).
In a client-server architecture, the programmer might assume that client-side security checks cannot be bypassed, even when a custom client could be written that skips those checks (CWE-602).
The listings below show possible areas for which the given weakness could appear.