# All Api Vulnerability

## List of vulnerability:

1. Information Disclosure
2. Broken Object Level Authorization
3. Broken User Authentication
4. Excessive Data Exposure
5. Lack of Resources and Rate Limiting
6. Broken Function Level Authorization (easy if we get admin api)
7. Mass Assignment
8. Security Misconfigurations
9. Injections
10. Improper Assets Management
11. Business Logic Vulnerabilities
12. Server Side Request Forgery
13. Cross-API Scripting (XAS)
14.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://shahidulandshamim.gitbook.io/web-application/api-testing/all-api-vulnerability.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.