forked from wallarm/fast-detects
-
Notifications
You must be signed in to change notification settings - Fork 0
/
app-errors.yaml
348 lines (346 loc) · 16 KB
/
app-errors.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
generate:
- payload:
- '%0D%0A%C1%81'
- "%{1+'f'}"
detect:
- response:
- body: 'Error Occurred While Processing Request'
- body: "Server Error in '.*' Application"
- body: 'Microsoft OLE DB Provider for ODBC Drivers error'
- body: 'error in your SQL syntax'
- body: 'Invalid Querystring'
- body: 'Input string was not in a correct format'
- body: 'An illegal character has been found in the statement'
- body: 'ERROR:.*LINE [0-9]+:'
- body: 'Warning:.+ Invalid multibyte sequence'
- body: '<b>Fatal Error<\/b>: (.*)'
- body: '<b>Notice<\/b>: (.*)'
- body: "Warning stuff sybase stuff"
- body: "Sybase stuff Server message stuff"
- body: "Warning stuff sqlite"
- body: 'SQLite\/JDBCDriver'
- body: 'SQLite\.Exception'
- body: 'System\.Data\.SQLite\.SQLiteException'
- body: "PostgreSQL query failed:"
- body: "supplied argument is not a valid PostgreSQL result"
- body: "PostgreSQL.*ERROR"
- body: "Warning stuff pg_ stuff"
- body: "valid PostgreSQL result"
- body: 'Npgsql\.stuff'
- body: "PG::StuFError"
- body: 'java\.sql\.SQLException'
- body: "Oracle error"
- body: "Oracle stuff Driver"
- body: "Warning stuff oci_ stuff"
- body: "Warning stuff ora_ stuff"
- body: 'System\.Data\.OleDb\.OleDbException'
- body: "ODBC SQL Server Driver"
- body: "SQLServer JDBC Driver"
- body: "SqlException"
- body: 'System\.Data\.SqlClient\.SqlException'
- body: "Unclosed quotation mark after the character string"
- body: "Microsoft OLE DB Provider for ODBC Drivers"
- body: "Microsoft OLE DB Provider for SQL Server"
- body: "Incorrect syntax near"
- body: "Sintaxis incorrecta cerca de"
- body: "Syntax error in string in query expression"
- body: "Procedure or function 'ColumnSeek' expects parameter"
- body: "Unclosed quotation mark before the character string"
- body: "Syntax Error (missing operator) in query expression"
- body: "Data type mismatch in criteria expression"
- body: 'ADODB\.Field \(0x800A0BCD\)'
- body: "the used select statements have different number of columns"
- body: "OLE DB stuff SQL Server"
- body: "Warningstuff mssql"
- body: "SQL error stuff POS(1234) stuff"
- body: "Warning stuff maxdb stuff"
- body: 'org\.hibernate\.QueryException: unexpected char:'
- body: 'org\.hibernate\.QueryException: expecting'
- body: "Unexpected end of command in statement"
- body: "Warning stuff ingres_"
- body: "Ingres SQLSTATE"
- body: "Ingres stuff Driver"
- body: 'com\.informix\.jdbc'
- body: "Exception stuff Informix"
- body: "Fatal error: Uncaught exception 'MongoCursorException'"
- body: 'MS\.Internal\.Xml\.'
- body: "error '80004005'"
- body: 'Expression must evaluate to a node-set\.'
- body: "A closing bracket expected in"
- body: "An operand in Union Expression does not produce a node-set"
- body: "Cannot convert expression to a number"
- body: "Document Axis does not allow any context Location Steps"
- body: "Empty Path Expression"
- body: "Empty Relative Location Path"
- body: "Empty Union Expression"
- body: "Expected node test or name specification after axis operator"
- body: "Incompatible XPath key"
- body: "Incorrect Variable Binding"
- body: 'A document must contain exactly one root element\.'
- body: "XPathException"
- body: "Unknown error in XPath"
- body: 'org\.apache\.xpath\.XPath'
- body: "libxml2 library function failed"
- body: "xmlsec library function"
- body: "xmlXPathEval: evaluation failed"
- body: 'SimpleXMLElement::xpath\(\)'
- body: "An error occurred in script"
- body: 'Warning: include_once\(\): Failed opening'
- body: "Failed opening required"
- body: "failed to open stream: stuff"
- body: 'MySqlClient\.'
- body: "Server message"
- body: "SQL error"
- body: "JET Database Engine"
- body: "Procedure or function"
- body: '\[IBM\]\[CLI Driver\]\[DB2'
- body: 'org\.postgresql\.util\.PSQLException'
- body: "Access Database Engine"
- body: "SQLiteException"
- body: "CLI Driver"
- body: "on MySQL result index"
- body: "has occurred in the vicinity of:"
- body: "MySQL server version for the right syntax to use"
- body: 'com\.mysql\.jdbc\.exceptions'
- body: "supplied argument is not a valid MySQL"
- body: 'mssql_query\(\)'
- body: 'mysql_fetch_array\(\)'
- body: "Column count doesn't match value count at row"
- body: "Sybase message"
- body: "SQL Server"
- body: "Dynamic SQL Error"
- body: 'System\.Data\.SqlClient\.'
- body: "DM_QUERY_E_SYNTAX"
- body: 'pg_exec\(\)'
- body: "SQLITE_ERROR"
- body: "PostgreSQL"
- body: 'org\.hsqldb\.jdbc'
- body: "SQL syntax"
- body: "Data type mismatch in criteria expression"
- body: "DB2 SQL error"
- body: "Sybase message:"
- body: "in query expression"
- body: "valid MySQL result"
- body: "Column count doesn't match"
- body: "ODBC Microsoft Access Driver"
- body: 'Roadhouse\.Cms\.'
- body: "DB2 SQL error:"
- body: "No row with the given identifier"
- body: "open_basedir restriction in effect"
- body: "Cannot execute a blank command in"
- body: "Fatal error: preg_replace"
- body: "Stack trace:"
- body: '\(\) cannot be called statically'
- body: "- not a Class::Method"
- body: '::__toString\(\) must not throw an exception'
- body: "Access to undeclared static property:"
- body: "An iterator cannot be used with foreach by reference"
- body: "Array callback has to contain indices 0 and 1"
- body: "Arrived at end of main loop which shouldn't happen"
- body: "Attempt to destruct pending exception"
- body: "Attempt to unset static property"
- body: 'Balloc\(\) allocation exceeds list boundary'
- body: 'Balloc\(\) failed to allocate memory'
- body: "Base lambda function for closure not found"
- body: "Call to a member function"
- body: "Call to private"
- body: "Call to protected"
- body: "Call to undefined function"
- body: "Call to undefined method"
- body: "Can only throw objects"
- body: "Cannot access empty property"
- body: "Cannot access parent:: when current class scope has no parent"
- body: "Cannot access parent:: when no class scope is active"
- body: "Cannot access property started with"
- body: "Cannot access self:: when no class scope is active"
- body: "Cannot access static:: when no class scope is active"
- body: "Cannot access undefined property for object with overloaded property access"
- body: "Cannot assign by reference to overloaded object"
- body: 'Cannot break\/continue'
- body: "Cannot call abstract method"
- body: "Cannot call constructor"
- body: 'Cannot call forward_static_call\(\) when no class scope is active'
- body: "Cannot call non static method"
- body: "Cannot call overloaded function for non-object"
- body: "Cannot call private"
- body: 'Cannot create references to\/from string offsets'
- body: 'Cannot create references to\/from string offsets nor overloaded objects'
- body: "Cannot declare self-referencing constant"
- body: "Cannot destroy active lambda function"
- body: "Cannot get arguments for"
- body: 'Cannot increment\/decrement overloaded objects nor string offsets'
- body: "Cannot instantiate abstract class"
- body: "Cannot instantiate interface"
- body: "Cannot instantiate trait"
- body: "Cannot override final"
- body: "Cannot pass parameter"
- body: "Cannot redeclare"
- body: "Cannot redeclare class"
- body: "Cannot register a reverse output handler conflict outside of MINIT"
- body: "Cannot register an output handler alias outside of MINIT"
- body: "Cannot register an output handler conflict outside of MINIT"
- body: "Cannot resume an already running generator"
- body: "Cannot return string offsets by reference"
- body: "Cannot set non exception as previous exception"
- body: "Cannot unset string offsets"
- body: "Cannot use assign-op operators with overloaded objects nor string offsets"
- body: "Cannot use object as array"
- body: "Cannot use object of type"
- body: "Cannot use string offset as an array"
- body: "Cannot use string offset as an object"
- body: "Cannot yield from finally in a force-closed generator"
- body: "Cannot yield string offsets by reference"
- body: "Class entry requested for an object without PHP class"
- body: "Class name must be a valid object or a string"
- body: 'Corrupted fcall_info provided to zend_call_function\(\)'
- body: 'DCOM has been disabled by your administrator \[com\.allow_dcom=0\]'
- body: "DateFormat class not defined"
- body: "DateTimeInterface can't be implemented by user classes"
- body: "EXTREMELY fatal error: jmpbuf unrecoverable; terminating"
- body: "EXTREMELY fatal error: longjmp returned control; terminating"
- body: "Encoding: Attribute"
- body: "Encoding: Can't decode apache map, missing key"
- body: "Encoding: Can't decode apache map, missing value"
- body: "Encoding: Can't decode apache map, only Strings or Longs are allowd as keys"
- body: "Encoding: Cannot find encoding"
- body: "Encoding: Element"
- body: "Encoding: Error calling from_xml callback"
- body: "Encoding: Error calling to_xml callback"
- body: "Encoding: External reference"
- body: "Encoding: Internal Error"
- body: "Encoding: Invalid timestamp"
- body: "Encoding: SoapVar has no 'enc_type' property"
- body: "Encoding: Unresolved reference"
- body: "Encoding: Violation of encoding rules"
- body: "Encoding: Violation of id and ref information items"
- body: "Encoding: object has no"
- body: "Encoding: string"
- body: "Error installing signal handler for"
- body: "Exception thrown without a stack frame"
- body: "Exceptions must be valid objects derived from the Exception base class"
- body: "Failed to clone SpoofChecker object"
- body: "Failed to register IntlDateFormatter class"
- body: "Failed to register MessageFormatter class"
- body: "Failed to register NumberFormatter class"
- body: "Failed to register ResourceBundle class"
- body: "Field width %d is too long"
- body: "First array member is not a valid class name or object"
- body: "Function name must be a string"
- body: "Illegal length modifier specified"
- body: "Illegal offset type"
- body: "Input string is too long"
- body: "Invalid RelaxNG Validation Context"
- body: "Invalid Schema Validation Context"
- body: "Invalid opcode"
- body: "Invalid serialization data for DatePeriod object"
- body: "Invalid serialization data for DateTime object"
- body: "Invalid serialization data for DateTimeImmutable object"
- body: "Maximum execution time of"
- body: "Method name must be a string"
- body: "Need to supply an object when throwing an exception"
- body: "Nesting level too deep - recursive dependency"
- body: "NumberFormatter class not defined"
- body: "Object does not support method calls"
- body: "Only variables can be passed by reference"
- body: "PDO: driver"
- body: "Parsing Schema: attribute"
- body: "Parsing Schema: attributeGroup"
- body: "Parsing Schema: can't import schema from"
- body: "Parsing Schema: complexType has no 'name' attribute"
- body: "Parsing Schema: element has both"
- body: "Parsing Schema: element has no 'name' nor 'ref' attributes"
- body: "Parsing Schema: expected"
- body: "Parsing Schema: extension has no 'base' attribute"
- body: "Parsing Schema: group has both 'ref' attribute and subcontent"
- body: "Parsing Schema: group has no 'name' nor 'ref' attributes"
- body: "Parsing Schema: include has no 'schemaLocation' attribute"
- body: "Parsing Schema: missing restriction value"
- body: "Parsing Schema: redefine has no 'schemaLocation' attribute"
- body: "Parsing Schema: restriction has no 'base' attribute"
- body: "Parsing Schema: simpleType has no 'name' attribute"
- body: "Parsing Schema: unexpected"
- body: "Parsing Schema: unresolved"
- body: "has no name attribute"
- body: 'Parsing WSDL: Could not find any usable binding services in WSDL\.'
- body: "Parsing WSDL: Couldn't bind to service"
- body: "Parsing WSDL: Couldn't find"
- body: "Parsing WSDL: Couldn't load from"
- body: "Parsing WSDL: Missing 'name' attribute for"
- body: "Parsing WSDL: Missing 'type' attribute for"
- body: "Parsing WSDL: Missing message attribute for"
- body: "Parsing WSDL: Missing name for"
- body: "Parsing WSDL: Missing part '%s' in"
- body: "Parsing WSDL: Missing part attribute for"
- body: "Parsing WSDL: No element with name"
- body: "Parsing WSDL: No address associated with"
- body: "Parsing WSDL: No binding associated with"
- body: "Parsing WSDL: No location associated with"
- body: "Parsing WSDL: No name associated with"
- body: "Parsing WSDL: The fault message"
- body: "Parsing WSDL: Unexpected WSDL element"
- body: "Parsing WSDL: Unexpected extensibility element"
- body: "Parsing WSDL: Unknown encodingStyle"
- body: "Parsing WSDL: Unknown required WSDL extension"
- body: "Parsing WSDL: Unspecified encodingStyle"
- body: "Possible integer overflow in memory allocation"
- body: "Second array member is not a valid method"
- body: "Spoofchecker class not defined"
- body: "String size overflow"
- body: "The object to be iterated is in an invalid state:"
- body: "Trying to clone an uncloneable object"
- body: "Trying to clone an uncloneable object of class"
- body: "Unable to call"
- body: "Unable to cast node to string"
- body: "Undefined class constant"
- body: "Undefined constant"
- body: "Undefined offset for object of type"
- body: 'Unexpected inconsistency in create_function\(\)'
- body: "Unknown SOAP version"
- body: "Unknown typehint"
- body: "Unsupported operand types"
- body: "Using $this when not in object context"
- body: "Wrong parameters for ErrorException"
- body: "Wrong parameters for Exception"
- body: "You MUST load PDO before loading any PDO drivers"
- body: "operator not supported for strings"
- body: "and must therefore be declared abstract or implement the remaining methods"
- body: "namespace must not match the enclosing schema 'targetNamespace'"
- body: "requires PDO API version"
- body: 'class java\.lang\.'
- body: 'java\.lang\.NullPointerException'
- body: 'java\.rmi\.ServerException'
- body: 'at java\.lang\.'
- body: 'at org\.apache\.catalina'
- body: 'at org\.apache\.coyote\.'
- body: 'at org\.apache\.tomcat\.'
- body: 'at org\.apache\.jasper\.'
- body: "Microsoft VBScript runtime"
- body: "Application uses a value of the wrong type for the current operation"
- body: "Microsoft VBScript compilation"
- body: 'Microsoft \.NET Framework Version:'
- body: 'A trappable error occurred in an external object\. The script cannot continue running'
- body: "Microsoft VBScript runtime Error"
- body: 'ADODB\.Command'
- body: "Object required:"
- body: 'eval\(\).d code on line'
- body: "Encoding: '*' may only be first arraySize value in list"
- body: 'Warning: fopen\('
- body: 'Warning: fpassthru\('
- body: 'Warning.*include_once\(\): Failed opening'
- body: 'Warning.*include_once\(.*\): failed to'
- body: 'Warning.*include\(\): Failed opening'
- body: 'Warning.*include\(.*\): failed to'
- body: 'java\.lang\.IllegalArgumentException'
- body: 'Request processing failed'
- body: 'org\.springframework\.jdbc\.BadSqlGrammarException:'
- body: 'java\.sql\.SQLSyntaxErrorException:'
- body: '<\/b> on line <b>(.*)'
- body: '<b>Warning<\/b>: (.*)'
- body: 'no such function'
meta-info:
- type: info
- threat: 30
- tags:
- Application Errors
- OWASP Top 10
- OWASP