SQL_Injection issue exists @ app/src/main/java/jakhar/aseem/diva/SQLInjectionActivity.java in branch master
Method search at line 66 of app\src\main\java\jakhar\aseem\diva\SQLInjectionActivity.java gets user input from the getText element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in a database query in method search at line 66 of app\src\main\java\jakhar\aseem\diva\SQLInjectionActivity.java. This may enable an SQL Injection attack.
Severity: High
CWE: 89
Lines: 70
Code (Line #70):