• Introduction
• User Token
• Information Disclosure
• Insecure Direct Object Reference
• Access Control
• Throttling
• SQL Injection
• Cross Site Scripting
• Cross Site Request Forgery