OWASP rates injection flaws as the most critical vulnerability within the Top 10 most Critical Web Application Security Risks under the OWASP Top 10 project. http://www.owasp.org/index.php/Top_10_2010-A1.
This hands-on session gives attendees an over-view of this vulnerability. While topics such as SQL Injection are very well documented, there are quite a lot of other injection flaws which are not much talked about. Some of these are: XPATH Injection LDAP Injection Hibernate Query Language Injection Direct OS Code Injection XML Entity Injection This hands-on session will introduce the attendees to such less popular vulnerabilities and allow the attendees to gain an in-depth knowledge of the impact of the vulnerability.