1. Brute Force Attack
2. Buffer Overflow
3. Content Spoofing
4. Credential/Session Prediction
5. Cross-Site Scripting
6. Cross-Site Request Forgery
7. Denial of Service
8. Format String Attack
9. HTTP Request Splitting
10. HTTP Response Splitting
11. HTTP Request Smuggling
12. HTTP Response Smuggling
13. Integer Overflow
14. LDAP Injection
15. Mail Command Injection
16. OS Commanding
17. Path Traversal
18. Predictable Resource Location
19. Remote File Inclusion
20. Routing Detour
21. SOAP Array Abuse
22. SSI Injection
23. Session Fixation
24. SQL Injection
25. URL Redirectors
26. XPath Injection
27. XML Attribute Blowup
28. XML External Entity
29. XML Entity Expansion
30. XML Injection
31. XQuery Injection
32. Application Misconfiguration
33. Directory Indexing
34. Fingerprinting
35. Improper Parsing
36. Improper Permissions
37. Information Leakage
38. Insecure Indexing
39. Insufficient Anti-automation
40. Insufficient Authentication
41. Insufficient Authorization
42. Insufficient Data Protection
43. Insufficient Process Validation
44. Insufficient Session Expiration
45. Insufficient Transport Layer Protection
46. Server Misconfiguration