1. Homepage
  2. RvR
  3. Application
  4. Attack Vectors

General Information

Connection String Parameter Pollution

Variants:
Direct Persistent Session 

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Input Validation, Secure Design

Invented In:
02/02/2010

Added In:
08/12/2014


Vector Operation Method:
Malicious inputs can affect the structure of database connection strings


Direct Variant:

CSPP

Variant Title:
CSPP

Typical Severity:
Major

Resources:

Other I

Other II

Other III

White Papers:

Paper I

Paper II

Paper II

Learn More:



Persistent Variant:

Stored CSPP

Also Known As:
Persistent CSPP

Typical Severity:
Major

Resources:

White Papers:

Learn More:


Session Variant:

CSPP via Session Puzzling

Also Known As:
Session CSPP

Typical Severity:
Major

Resources:

White Papers:

Learn More:




TECAPI ©

Join