Improper input validation

Improper input validation or unchecked user input is a type of vulnerability in computer software that may be used for security exploits. This vulnerability is caused when "[t]he product does not validate or incorrectly validates input that can affect the control flow or data flow of a program."

Examples include:
 * Buffer overflow
 * Cross-site scripting
 * Directory traversal
 * Null byte injection
 * SQL injection
 * Uncontrolled format string