Entity | AV Type | Risk | Detection Type | Example |
---|---|---|---|---|
Param Value | SQLi | Specific | Signature | id=1' or '1'='1 matches CVE signature |
Header Value | RFI | General | Meta Characters | User-Agent: php://input with path traversal marker |
POST JSON | XSS | General | Normalization + Size | Encoded payload in deep object {"bio": "<script>"} |
URL Path | LFI | Informational | Signature | /../../etc/passwd |
Param Name | SQLi | Informational | Pattern (Char Set) | user[; DROP TABLE] |
Header | UA Anomaly | Informational | CI (Client Fingerprint) | Known bot UA with outdated capabilities |
Query Param | Command Exec | Specific | Signature + Schema | `;curl http://x.sh |
POST JSON | XSS | General | Signature | onerror=alert(1) in JSON-encoded form |
Request | SQLi | General | Size + RFC Structure | Overly long GET request exceeding normal param size |