amjadafanah / FX-SAAS-9

This project is for testing the security and quality of APIs in FX SaaS

FX-SAAS-9 : ApiV1OrgsIdGetPathParamSqlInjectionMysqlId #1374

Open amjadafanah opened 6 years ago

amjadafanah commented 6 years ago

Project : FX-SAAS-9

Job : Dev

Env : Dev

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 200

Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTExMDAxMTYtMzljZS00MDk3LWI0ODgtZjY4YWNhMDk4NzE2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Fri, 05 Oct 2018 11:19:24 GMT]}

Endpoint : http://13.56.210.25/api/v1/orgs/

Request :

Response :

Logs :
Assertion [@ResponseTime >= 5000] resolved-to [484 >= 5000] result [Failed]

--- FX Bot ---