# Server Side

- [Access control Vulnerabilities and privilege escalation](/hackersnotes/writeups/portswigger-writeups/server-side/access-control-vulnerabilities-and-privilege-escalation.md)
- [API testing](/hackersnotes/writeups/portswigger-writeups/server-side/api-testing.md)
- [Authentication vulnerabilities](/hackersnotes/writeups/portswigger-writeups/server-side/authentication-vulnerabilities.md)
- [Business logic vulnerabilities](/hackersnotes/writeups/portswigger-writeups/server-side/business-logic-vulnerabilities.md)
- [File Upload Vulnerabilities](/hackersnotes/writeups/portswigger-writeups/server-side/file-upload-vulnerabilities.md)
- [information disclosure vulnerabilities](/hackersnotes/writeups/portswigger-writeups/server-side/information-disclosure-vulnerabilities.md)
- [NoSQL Injection](/hackersnotes/writeups/portswigger-writeups/server-side/nosql-injection.md)
- [OAuth Authentication](/hackersnotes/writeups/portswigger-writeups/server-side/oauth-authentication.md)
- [OS Command injection](/hackersnotes/writeups/portswigger-writeups/server-side/os-command-injection.md)
- [Path Traversal](/hackersnotes/writeups/portswigger-writeups/server-side/path-traversal.md)
- [Race Condition](/hackersnotes/writeups/portswigger-writeups/server-side/race-condition.md)
- [Server side request forgery (SSRF)](/hackersnotes/writeups/portswigger-writeups/server-side/server-side-request-forgery-ssrf.md)
- [SQL Injection](/hackersnotes/writeups/portswigger-writeups/server-side/sql-injection.md)
- [XXE injection (Xml eXternal Entity)](/hackersnotes/writeups/portswigger-writeups/server-side/xxe-injection-xml-external-entity.md)