CMaheshBL / CxFlowGithub

The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.

Security fix #20

Closed CMaheshBL closed 2 years ago

CMaheshBL commented 2 years ago

Test

CMaheshBL commented 2 years ago

Scan submitted to Checkmarx

CMaheshBL commented 2 years ago

Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 364 vulnerabilities

High: 66
Medium: 80
Low: 218
Info: 0

Violation Summary

High: 31

View more details on Checkmarx UI

Cx-SAST Details

| Lines | Severity | Category | File | Link |
|---|---|---|---|---|
| 186 | High | Stored_XSS | src/com/thebodgeitstore/search/AdvancedSearch.java | Checkmarx |
| 14 | High | Stored_XSS | root/score.jsp | Checkmarx |
| 16 | High | Stored_XSS | root/admin.jsp | Checkmarx |
| 34 | High | Stored_XSS | root/search.jsp | Checkmarx |
| 247 | High | Stored_XSS | root/basket.jsp | Checkmarx |
| 42, 59 | High | Stored_XSS | root/product.jsp | Checkmarx |
| 25 | High | Stored_XSS | root/home.jsp | Checkmarx |
| 63 | High | Stored_XSS | root/contact.jsp | Checkmarx |
| 91 | High | Stored_XSS | root/header.jsp | Checkmarx |
| 15 | High | Stored_XSS | root/login.jsp | Checkmarx |
| 38, 43, 153, 217 | High | SQL_Injection | root/basket.jsp | Checkmarx |
| 10 | High | SQL_Injection | root/password.jsp | Checkmarx |
| 6, 7, 46, 51 | High | SQL_Injection | root/register.jsp | Checkmarx |
| 7, 8, 35, 40 | High | SQL_Injection | root/login.jsp | Checkmarx |
| 7, 35 | High | Reflected_XSS_All_Clients | root/login.jsp | Checkmarx |
| 38 | High | Reflected_XSS_All_Clients | root/basket.jsp | Checkmarx |
| 10 | High | Reflected_XSS_All_Clients | root/search.jsp | Checkmarx |
| 11 | High | Reflected_XSS_All_Clients | root/contact.jsp | Checkmarx |
| 6, 46 | High | Reflected_XSS_All_Clients | root/register.jsp | Checkmarx |