search

1modm / petereport

PeTeReport is an open-source application vulnerability reporting tool.
https://1modm.github.io/petereport/
BSD 3-Clause "New" or "Revised" License
449 stars 131 forks source link

500 error when importing findings from csv #82

Closed 410-sh closed 9 months ago

410-sh commented 9 months ago

When trying to upload findings from a csv file, I am getting a 500 error. Below is the output I am getting with debug mode enabled:

Request URL: http://localhost/en/findings/upload/1

Django Version: 4.2.6
Python Version: 3.11.2
Installed Applications:
['django.contrib.admin',
 'django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'martor',
 'django_bleach',
 'preport']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.locale.LocaleMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware']

Traceback (most recent call last):
  File "/root/.local/share/virtualenvs/petereport-_1hU1HQ3/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "/root/.local/share/virtualenvs/petereport-_1hU1HQ3/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/root/.local/share/virtualenvs/petereport-_1hU1HQ3/lib/python3.11/site-packages/django/contrib/auth/decorators.py", line 23, in _wrapper_view
    return view_func(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/petereport/app/preport/decorators.py", line 14, in wrapper_func
    return view_func(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/petereport/app/preport/views.py", line 1590, in upload_csv_findings
    f_id = header.index("ID")
           ^^^^^^^^^^^^^^^^^^

Exception Type: ValueError at /en/findings/upload/1
Exception Value: 'ID' is not in list

If I comment out one line in views.py, it seems to throw the same error for the next line

image