C
- C
Common Vulnerabilities and Exposures
Common Vulnerabilities and Exposures (CVE®) is a list of common identifiers for publicly known cyber security vulnerabilities. Use of CVE Identifiers, or "CVE IDs," which are assigned by CVE Numbering Authorities (CNAs) from around the world, ensures confidence among parties when used to discuss or share information about a unique software or firmware vulnerability, provides a baseline for tool evaluation, and enables data exchange for cybersecurity automation.
crawler
A crawler is a program or script used for automatically obtaining information from World Wide Web.
Cross Site Script
XSS is a type of web security vulnerability used by attackers to steal user information. Using the vulnerability, attackers inject malicious code into web pages. The code is executed to steal user information when users browse the web pages.
cross-site request forgery
Cross-site request forgery is another common web attack. Attackers forge data for targets to access. If the browsers of the targets maintain the authentication sessions with the destination sites, the targets unknowingly send requests forged by attackers to the destination sites when accessing the attacker-forged pages or URLs.
CSRF/XSRF
See cross-site request forgery
CVE
D
- D
DN
See Domain Name
Domain Name
Domain names refer to the names that are registered to domain name registrars by individuals or organizations, such as enterprises, governments, or non-governmental organizations. Domain names serve as the network addresses for the communication between enterprises or organizations on the Internet. Each domain name corresponds to an IP address.
Domain Verification
Users' identity and other relevant information are verified.
L
- L
P
- P
payload
The payload is the portion of the malware which performs malicious action
POC
See prove of concept
prove of concept
A segment of code or program that proves the existence of a vulnerability
R
- R
S
- S
scanner
A scanner is a program that automatically detects security weaknesses in local or remote hosts. It can discover vulnerabilities and provide scanning results quickly and accurately.
SQL Injection
SQL injection is a common web attack. Attackers inject SQL statements into query character strings of background databases to deceive servers into executing the malicious SQL statements. Then, attackers can obtain sensitive information, add users, export files, or even gain the highest permissions on the databases or even the systems.
SQLi
See SQL Injection
V
- V
VSS
See Vulnerability Scan Service
VUL
See Vulnerablity
Vulnerability Scan Service
VSS is a security detection service designed for web applications.
Vulnerablity
A vulnerability is a defect of hardware, software, or protocol in specific implementation or system security policy. Such a defect enables an attacker to access or sabotage a system without being authorized.
W
- W
WAF
Web 2.0
Web 2.0 basically refers to the transition from static HTML Web pages to a dynamic Web that is more organized and based on serving Web applications.
Web Application Firewall
WAF is a protection service designed for web applications. It detects and blocks threats such as SQL injection and XSS attacks to mitigate the risk of service interruption, data theft, or data tampering of web applications.
X
- X
XML External Entity attack
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located, and other system impacts.
XSS
XXE attack
Z
- Z
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
