search

cx-justin-ruth / CxFlowGithub

0 stars 0 forks source link

Remove debug #16

Open cx-justin-ruth opened 2 years ago

cx-justin-ruth commented 2 years ago

Scan submitted to Checkmarx

cx-justin-ruth commented 2 years ago

Checkmarx scan completed

Full Scan Details

Checkmarx Scan Summary

Severity Count
High 81
Medium 90
Low 224
Informational 0

Violation Summary

Severity Count
High 28
Low 149
Medium 42

Details

Lines Severity Category File Link
48 High Client_DOM_XSS root/advanced.jsp Checkmarx
38 High Reflected_XSS_All_Clients root/basket.jsp Checkmarx
11 High Reflected_XSS_All_Clients root/contact.jsp Checkmarx
10 High Reflected_XSS_All_Clients root/search.jsp Checkmarx
46 High Reflected_XSS_All_Clients root/register.jsp Checkmarx
35 High Reflected_XSS_All_Clients root/login.jsp Checkmarx
10 High SQL_Injection root/password.jsp Checkmarx
8 35 40 High SQL_Injection root/login.jsp Checkmarx
38 43 153 217 High SQL_Injection root/basket.jsp Checkmarx
7 46 51 High SQL_Injection root/register.jsp Checkmarx
15 High Second_Order_SQL_Injection root/login.jsp Checkmarx
247 High Stored_XSS root/basket.jsp Checkmarx
91 High Stored_XSS root/header.jsp Checkmarx
15 High Stored_XSS root/login.jsp Checkmarx
25 High Stored_XSS root/home.jsp Checkmarx
14 High Stored_XSS root/score.jsp Checkmarx
42 59 High Stored_XSS root/product.jsp Checkmarx
34 High Stored_XSS root/search.jsp Checkmarx
63 High Stored_XSS root/contact.jsp Checkmarx
16 High Stored_XSS root/admin.jsp Checkmarx
10 Low Blind_SQL_Injections root/password.jsp Checkmarx
43 153 Low Blind_SQL_Injections root/basket.jsp Checkmarx
8 40 Low Blind_SQL_Injections root/login.jsp Checkmarx
7 51 Low Blind_SQL_Injections root/register.jsp Checkmarx
48 Low Client_DOM_Open_Redirect root/advanced.jsp Checkmarx
28 Low Client_JQuery_Deprecated_Symbols root/js/advanced.js Checkmarx
19 20 22 Low Collapse_of_Data_into_Unsafe_Value root/contact.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/contact.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/login.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/product.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/admin.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/password.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/search.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/score.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/register.jsp Checkmarx
89 Low Empty_Password_In_Connection_String root/header.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/advanced.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/dbconnection.jspf Checkmarx
67 Low Empty_Password_In_Connection_String root/init.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/home.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/basket.jsp Checkmarx
7 8 Low Heap_Inspection root/register.jsp Checkmarx
8 Low Heap_Inspection root/login.jsp Checkmarx
103 Low Heap_Inspection src/com/thebodgeitstore/util/AES.java Checkmarx
10 11 Low Heap_Inspection root/password.jsp Checkmarx
8 Low Heap_Inspection root/init.jsp Checkmarx
14 25 Low Improper_Resource_Access_Authorization root/home.jsp Checkmarx
60 84 85 106 114 115 118 171 178 186 193 228 233 247 279 Low Improper_Resource_Access_Authorization root/basket.jsp Checkmarx
16 28 40 Low Improper_Resource_Access_Authorization root/admin.jsp Checkmarx
29 30 59 60 Low Improper_Resource_Access_Authorization root/register.jsp Checkmarx
186 Low Improper_Resource_Access_Authorization src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
14 Low Improper_Resource_Access_Authorization root/score.jsp Checkmarx
29 63 Low Improper_Resource_Access_Authorization root/contact.jsp Checkmarx
15 28 30 32 51 54 62 86 Low Improper_Resource_Access_Authorization root/login.jsp Checkmarx
42 59 Low Improper_Resource_Access_Authorization root/product.jsp Checkmarx
24 Low Improper_Resource_Access_Authorization root/password.jsp Checkmarx
34 57 Low Improper_Resource_Access_Authorization root/search.jsp Checkmarx
91 Low Improper_Resource_Access_Authorization root/header.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/score.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/advanced.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/product.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/login.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/basket.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/home.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/password.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/dbconnection.jspf Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/admin.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/register.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/search.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/contact.jsp Checkmarx
10 11 Low Information_Exposure_Through_Query_String root/password.jsp Checkmarx
7 8 Low Information_Exposure_Through_Query_String root/register.jsp Checkmarx
8 Low Information_Exposure_Through_Query_String root/login.jsp Checkmarx
64 75 Low Information_Exposure_Through_an_Error_Message root/register.jsp Checkmarx
52 Low Information_Exposure_Through_an_Error_Message root/admin.jsp Checkmarx
67 91 121 130 200 277 Low Information_Exposure_Through_an_Error_Message root/basket.jsp Checkmarx
96 Low Information_Exposure_Through_an_Error_Message root/header.jsp Checkmarx
39 Low Information_Exposure_Through_an_Error_Message root/home.jsp Checkmarx
60 Low Information_Exposure_Through_an_Error_Message root/login.jsp Checkmarx
72 Low Information_Exposure_Through_an_Error_Message root/contact.jsp Checkmarx
55 Low Information_Exposure_Through_an_Error_Message root/search.jsp Checkmarx
95 Low Information_Exposure_Through_an_Error_Message root/product.jsp Checkmarx
35 Low Information_Exposure_Through_an_Error_Message root/score.jsp Checkmarx
45 58 Low Information_Leak_Through_Comments root/register.jsp Checkmarx
26 Low Information_Leak_Through_Comments root/login.jsp Checkmarx
12 Low Information_Leak_Through_Comments root/advanced.jsp Checkmarx
35 Low Missing_CSP_Header root/js/advanced.js Checkmarx
1 Low Missing_Content_Security_Policy root/about.jsp Checkmarx
1 Low Missing_X_Frame_Options root/WEB-INF/web.xml Checkmarx
1 Low Missing_X_Frame_Options build/WEB-INF/web.xml Checkmarx
96 105 Low Not_Using_a_Random_IV_with_CBC_Mode src/com/thebodgeitstore/util/AES.java Checkmarx
87 Low Plaintext_Storage_in_a_Cookie root/basket.jsp Checkmarx
83 Low Portability_Flaw_Locale_Dependent_Comparison root/login.jsp Checkmarx
39 Low Portability_Flaw_Locale_Dependent_Comparison root/register.jsp Checkmarx
153 Low Portability_Flaw_Locale_Dependent_Comparison src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
26 Low Portability_Flaw_Locale_Dependent_Comparison src/com/thebodgeitstore/search/SearchResult.java Checkmarx
13 Low Portability_Flaw_Locale_Dependent_Comparison root/search.jsp Checkmarx
1 Low Potential_Clickjacking_on_Legacy_Browsers root/advanced.jsp Checkmarx
46 Low Reliance_on_Cookies_in_a_Decision root/register.jsp Checkmarx
38 Low Reliance_on_Cookies_in_a_Decision root/basket.jsp Checkmarx
35 Low Reliance_on_Cookies_in_a_Decision root/login.jsp Checkmarx
61 Low Sensitive_Cookie_in_HTTPS_Session_Without_Secure_Attribute root/register.jsp Checkmarx
89 Low Sensitive_Cookie_in_HTTPS_Session_Without_Secure_Attribute root/basket.jsp Checkmarx
56 Low Sensitive_Cookie_in_HTTPS_Session_Without_Secure_Attribute root/login.jsp Checkmarx
15 Low Stored_Boundary_Violation root/login.jsp Checkmarx
7 Low Suspected_XSS root/contact.jsp Checkmarx
14 Low Suspected_XSS root/header.jsp Checkmarx
7 Low Suspected_XSS root/password.jsp Checkmarx
147 Low Uncontrolled_Memory_Allocation src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
93 95 188 201 202 Low Unsynchronized_Access_To_Shared_Data src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
8 12 20 30 41 49 Low Use_of_Non_Cryptographic_Random root/init.jsp Checkmarx
24 Low Use_of_Non_Cryptographic_Random root/home.jsp Checkmarx
54 Low Use_of_Non_Cryptographic_Random root/contact.jsp Checkmarx
40 Medium Client_Potential_XSS root/js/advanced.js Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/score.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/advanced.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/basket.jsp Checkmarx
67 Medium Hardcoded_password_in_Connection_String root/init.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/product.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/contact.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/home.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/password.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/dbconnection.jspf Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/login.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/register.jsp Checkmarx
89 Medium Hardcoded_password_in_Connection_String root/header.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/admin.jsp Checkmarx
10 Medium Hardcoded_password_in_Connection_String root/search.jsp Checkmarx
1 Medium HttpOnlyCookies_In_Config build/WEB-INF/web.xml Checkmarx
1 Medium HttpOnlyCookies_In_Config root/WEB-INF/web.xml Checkmarx
1 Medium Missing_HSTS_Header root/about.jsp Checkmarx
34 35 36 Medium Session_Fixation root/register.jsp Checkmarx
48 Medium Session_Fixation src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
3 4 5 Medium Session_Fixation root/logout.jsp Checkmarx
22 23 24 Medium Session_Fixation root/login.jsp Checkmarx
8 Medium Trust_Boundary_Violation root/login.jsp Checkmarx
217 Medium Unchecked_Input_for_Loop_Condition root/basket.jsp Checkmarx
10 Medium XSRF root/password.jsp Checkmarx
38 43 153 165 217 Medium XSRF root/basket.jsp Checkmarx
8 35 40 Medium XSRF root/login.jsp Checkmarx
7 46 51 Medium XSRF root/register.jsp Checkmarx