nova-8 / cx-ast
Checkmarx Training
SQL_Injection issue exists @ src/Login.java in branch main
*The application's main method executes an SQL query with executeQuery, at line 33 of src\Login.java. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input "email"; this input is then read by the main method at line 22 of src\Login.java. This input then flows through the code, into a query and to the database server - without sanitization.
This may enable an SQL Injection attack.
Similarity ID: 721592881
The application's main method executes an SQL query with executeQuery, at line 33 of src\Login.java. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input "password"; this input is then read by the main method at line 23 of src\Login.java. This input then flows through the code, into a query and to the database server - without sanitization.
This may enable an SQL Injection attack.
Similarity ID: 2007508249*
Severity: High
CWE:89
Vulnerability details and guidance
String email = request.getParameter("email");
String token = request.getParameter("password");