Skip to content

sqli - incremental scan#4

Open
cx-lucas-ferreira wants to merge 1 commit into
devfrom
cx-lucas-ferreira-incremental-pr
Open

sqli - incremental scan#4
cx-lucas-ferreira wants to merge 1 commit into
devfrom
cx-lucas-ferreira-incremental-pr

Conversation

@cx-lucas-ferreira

Copy link
Copy Markdown
Contributor

sqli - incremental scan

sqli - incremental scan
@cx-lucas-ferreira

Copy link
Copy Markdown
Contributor Author

Logo
Checkmarx One – Scan Summary & Details40fc2239-8292-4a93-9b7a-0fdbd005458c

New Issues (7)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
CRITICAL SQL_Injection /vulnerabilities/sqli_blind/source/high_sqli_blind.php: 5
detailsThe application's method executes an SQL query with query, at line 13 of /vulnerabilities/sqli_blind/source/high_sqli_blind.php. The applicat...
ID: %2FVjCwJM9FoYdlVHDpnDSMtvcb%2FA%3D
Attack Vector
MEDIUM Parameter_Tampering /vulnerabilities/sqli_blind/source/high_sqli_blind.php: 5
detailsMethod at line 5 of /vulnerabilities/sqli_blind/source/high_sqli_blind.php gets user input from element _COOKIE. This input is later concate...
ID: 04p0XwO3%2Fv3vFqOxsJhOHDhbYu4%3D
Attack Vector
LOW Improper_Exception_Handling /vulnerabilities/sqli_blind/source/high.php: 11
detailsThe method at line 11 of /vulnerabilities/sqli_blind/source/high.php performs an operation that could be expected to throw an exception, and is ...
ID: OFjYmW2c9Ph2nklJod%2Bn85%2BpyJ8%3D
Attack Vector
LOW Improper_Exception_Handling /vulnerabilities/sqli_blind/source/high_sqli_blind.php: 13
detailsThe method at line 13 of /vulnerabilities/sqli_blind/source/high_sqli_blind.php performs an operation that could be expected to throw an excep...
ID: Mw%2B4OBalKWhhL%2FalrFPlyjtjGnk%3D
Attack Vector
LOW Information_Exposure_Through_an_Error_Message /vulnerabilities/sqli_blind/source/high.php: 32
detailsMethod , at line 32 of /vulnerabilities/sqli_blind/source/high.php, handles an Exception or runtime Error e. During the exception handling code,...
ID: aBagfQzLIa1dIfQerwW6D5TiC4o%3D
Attack Vector
LOW Use_of_Non_Cryptographic_Random /vulnerabilities/sqli_blind/source/high_sqli_blind.php: 51
detailsMethod at line 51 of /vulnerabilities/sqli_blind/source/high_sqli_blind.php uses a weak method rand to produce random values. These values mi...
ID: ghztYp%2BS5YLy1F0Rc%2B7pbSfGd2Q%3D
Attack Vector
LOW Use_of_Non_Cryptographic_Random /vulnerabilities/sqli_blind/source/high_sqli_blind.php: 52
detailsMethod at line 52 of /vulnerabilities/sqli_blind/source/high_sqli_blind.php uses a weak method rand to produce random values. These values mi...
ID: fGpnfn%2FIOKJ7vO4CNrRi7GNBchs%3D
Attack Vector
Policy Management Violations (1)
Policy Name: tech-debit The following violations of your team's AppSec policy rules were identified in this project. Since 'Break Build' is enabled for these rules, you must resolve these issues before the Pull Request can be merged.
  • Rule Name: New vulnerabilities of Critical and High severity levels detected
    Scanner: SAST

Use @Checkmarx to reach out to us for assistance.

Just send a PR comment with @Checkmarx followed by a natural language request.

Examples: @Checkmarx how are you able to help me? @Checkmarx rescan this PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant