JimLoughran / 1st-Repo

My 1st Github Repo

Security Vulnerability found in code #6

Open JimLoughran opened 3 years ago

JimLoughran commented 3 years ago

Looks like a SQL Injection vuln to me, better get it fixed quickly!

secure-code-warrior-for-github[bot] commented 3 years ago

Micro-Learning Topic: SQL injection (Detected by phrase)

What is this? (2min video)

This is probably one of the two most exploited vulnerabilities in web applications and has led to a number of high-profile company breaches. It occurs when an application fails to sanitize or validate input before using it to dynamically construct a statement. An attacker that exploits this vulnerability will be able to gain access to the underlying database and view or modify data without permission.

Try this challenge in Secure Code Warrior

secure-code-warrior-for-github[bot] commented 3 years ago

Micro-Learning Topic: Improper Control of Resource Identifiers ('Resource Injection') (CWE 99)

What is this? (2min video)

The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.

Try this challenge in Secure Code Warrior