Top 25 common programming bugs every tester should know

Just a quick note to share a useful resource with you. I just came across a good article on 25 common programming errors for software programmers and software testers. It is mainly useful for programmers, but I think software testers can get insight into how developers can unknowingly leave bugs in software programs.

Each bug listed in this resource can lead to serious software vulnerabilities if not fixed. The top 25 security bugs list will help programmers avoid some common but serious coding mistakes. For software testers, the list will be useful as a security testing checklist for Internet as well as desktop applications.

Here are a few of the top security vulnerabilities discussed in detail in this article:

  •  Improper input validation
  •  Improper escaping of output or encoding
  •  SQL injection
  •  Cross-site scripting
  •  Race conditions
  •  Information leak in error messages
  •  Error while transmitting sensitive information
  •  Memory leak
  •  External control of critical data and file paths
  •  Improper initialization
  •  Improper authorization
  •  Client-side security checks

I think the most common security vulnerability mistake developers make is “Client-side enforcement of server-side security”.

Check out the article below so that you can at least help developers improve their code standards ;-)

Top 25 common programming Errors



#1 Rahul

I think what you had told is right. It is a good article. Thank you.

#2 Mehmood

It's a nice article. It's very helpful for all.

Thank you.

#3 srikanth

Yes, it's good information.

#4 STE Stuff| Every Thing That Test Eng Needs

Good information, dude. Input validation will always be the top priority one.

#5 Yogini

Thanks, Vijay, for posting the link. That is really a great cumulative post, helpful for security testers.
Keep posting such resources side by side.

Keep going..

#6 Priya

Really helpful information. Thanks for the wonderful article.

#7 Ajit

This article is very useful for all testers.

#8 Sridhar

Great Article…Thanks for sharing

#9 Ratnadeep

Very useful article. Keep up the good work.

#10 Ahmad


#11 Vivek Kasat

Very useful article.
Thanks a lot :)

#12 Mallikarjun

Really wonderful information. It is very useful for testers as well as developers.

#13 Saran

Hi guys,

It's a nice article. It gives valuable information.

#14 Jamuna

Very Informative…..Thanks!!!!

#15 J.B.Rajkumar

This is a Good article for both developers and testing analysts. Thanks.

#16 Inder P Singh

My estimate is that new programming languages or newer versions of the existing ones would address these programming errors in future. In the meantime, the programmers should be alert for these errors.

Inder P Singh

#17 Rao

This particular concept is giving the heads-up to both DEV and QA to minimize the defects and improve the quality on common aspects.

#18 soloman

this is QTP

#19 Reema

Good one ..keep posting !!

#20 sitaram

This is a good article for all testers.

#21 Jayshri

Yes, it's really helpful to all. Actually, I am already working on it. Now our application is a little bit safe, but sometimes, if the system is slow, it throws a server exception error which also shows the function or procedure name. I think that is also harmful, but I cannot prove how it's harmful, so please explain it to me if possible.

#22 mandeep

Hello everybody,
I have done an SQT (software quality testing) course from Noida. If anybody present on this site is doing a job in any company related to testing, then please let me know.
Please tell me about agile testing.

#23 priyanka

Nice article.

#24 shanthakumar

What is memory leaking?

#25 Namrata

Good to know this information.

#26 kien


#27 xavier

Thanks for your information

#28 Aman

Good Article for both developers & testers.

#29 Sk

Hi, I am new to this website. It's a very good site. I am a BSc fresher, and I am interested in learning software testing at a training institute in B’lore.
I have some questions. Please, anyone, answer…
1) What is manual testing actually (in a real-time scenario)?
2) Is it learnable by fresh graduates?
3) Do we need to know any programming languages?
Also, can anyone give me ebooks on manual/automation testing?


#30 mandeep

Hello. Please, can anybody give me the list of North India IT companies? Please help me out. I have done MCA and an SQT (software quality testing) course.

#31 Ahmad Adnan

It's good, buddy.


#32 nisha kamboj

Hello sir, I am new in testing and want to know how to write test cases in the proper format. Though I have written a few, I want to know the standard format… Please guide me. Your site is really helpful for the person who are in provides valuable information… Good job…


#33 Sanga


It is a very interesting site. From this I got lots of knowledge, but I still want to gain knowledge.

#34 mandeep

Please tell me, Vijay or anybody, you are on this; the question is still present in the comments.

#35 Rony Barua

It should maintain every tester, and it is a very helpful article.

#36 MH

Very very useful article. Thanks.

#37 maha

How to create a web site? Please tell me.

#38 maha

How to create a web site?

#39 Mrudula

Nice Document.. Helped me a lot

#40 Geek Blogger

Very helpful article.

#41 Nirvan

This is the Best Article ever I have seen for the Testing Guide…!!!

#42 securians

hire developers & software programmers

Securenext software | Hire offshore web developers & programmers

With offices in california, united states and in chennai, india our company consists of experienced programmers, website developers, graphic designers working in ruby on rails, php, .net, database management, providing agile business solution.

#43 Mayasen

Hi Maha, #39

This is the testing blog. If you’ve related queries please raise here.

#44 Shoryaa

Useful Information…thanks

#45 Koistya `Navin

I think SQL injection is less common nowadays. How about wrong, misleading or security vulnerability error messages?

#46 gaurav bhatnagar

This is what I call a knowledge pool. It’s real-time usable info which can be put to use from the first second. Very helpful!!!

#47 koteswarrao


Where can I get a document about security testing?

#48 Sujan

Top stuff ! This website has all answers regarding s/w testing.

#49 manju

What is the difference between sanity and smoke?

#50 anu

What is monkey testing?

#51 Gedi

What are the programming errors of this website?

#52 vignesh

Hi sir,

I’m working in a consultancy as a trainee test engineer. Four months are completed, and my company is going to send me for an interview at their client's place.
I need some clarification from you, sir. In the resume, do I need to mention software testing or manual testing, and how do I prepare well?
Please help me, sir…
