Open cx-scord opened 3 years ago
Checkmarx SAST - Scan Summary & Details
Total of 179 vulnerabilities
83 High
89 Medium
7 Low
0 Info
28 High
7 Low
41 Medium
Lines | Severity | Category | File | Link |
---|---|---|---|---|
8 35 40 | Medium | XSRF_via_Service | root/login.jsp | Checkmarx |
10 | Medium | XSRF_via_Service | root/password.jsp | Checkmarx |
7 46 51 | Medium | XSRF_via_Service | root/register.jsp | Checkmarx |
38 43 157 169 221 | Medium | XSRF_via_Service | root/basket.jsp | Checkmarx |
221 | Medium | Unchecked_Input_for_Loop_Condition_via_Service | root/basket.jsp | Checkmarx |
8 | Medium | Trust_Boundary_Violation | root/login.jsp | Checkmarx |
34 35 36 | Medium | Session_Fixation | root/register.jsp | Checkmarx |
22 23 24 | Medium | Session_Fixation | root/login.jsp | Checkmarx |
48 | Medium | Session_Fixation | src/com/thebodgeitstore/search/AdvancedSearch.java | Checkmarx |
3 4 5 | Medium | Session_Fixation | root/logout.jsp | Checkmarx |
1 | Medium | Missing_HSTS_Header | root/about.jsp | Checkmarx |
1 | Medium | HttpOnlyCookies_In_Config | build/WEB-INF/web.xml | Checkmarx |
1 | Medium | HttpOnlyCookies_In_Config | root/WEB-INF/web.xml | Checkmarx |
67 | Medium | Hardcoded_password_in_Connection_String | root/init.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/login.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/password.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/search.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/admin.jsp | Checkmarx |
89 | Medium | Hardcoded_password_in_Connection_String | root/header.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/register.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/product.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/contact.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/basket.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/advanced.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/home.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/score.jsp | Checkmarx |
10 | Medium | Hardcoded_password_in_Connection_String | root/dbconnection.jspf | Checkmarx |
7 8 | Low | Heap_Inspection | root/register.jsp | Checkmarx |
103 | Low | Heap_Inspection | src/com/thebodgeitstore/util/AES.java | Checkmarx |
8 | Low | Heap_Inspection | root/login.jsp | Checkmarx |
10 11 | Low | Heap_Inspection | root/password.jsp | Checkmarx |
8 | Low | Heap_Inspection | root/init.jsp | Checkmarx |
251 | High | Stored_XSS | root/basket.jsp | Checkmarx |
34 | High | Stored_XSS | root/search.jsp | Checkmarx |
15 | High | Stored_XSS | root/login.jsp | Checkmarx |
14 | High | Stored_XSS | root/score.jsp | Checkmarx |
91 | High | Stored_XSS | root/header.jsp | Checkmarx |
63 | High | Stored_XSS | root/contact.jsp | Checkmarx |
25 | High | Stored_XSS | root/home.jsp | Checkmarx |
16 | High | Stored_XSS | root/admin.jsp | Checkmarx |
42 59 | High | Stored_XSS | root/product.jsp | Checkmarx |
15 | High | Second_Order_SQL_Injection | root/login.jsp | Checkmarx |
8 35 40 | High | SQL_Injection_via_Service | root/login.jsp | Checkmarx |
7 46 51 | High | SQL_Injection_via_Service | root/register.jsp | Checkmarx |
38 43 157 221 | High | SQL_Injection_via_Service | root/basket.jsp | Checkmarx |
10 | High | SQL_Injection_via_Service | root/password.jsp | Checkmarx |
10 | High | Reflected_XSS_All_Clients | root/search.jsp | Checkmarx |
38 | High | Reflected_XSS_All_Clients | root/basket.jsp | Checkmarx |
46 | High | Reflected_XSS_All_Clients | root/register.jsp | Checkmarx |
35 | High | Reflected_XSS_All_Clients | root/login.jsp | Checkmarx |
11 | High | Reflected_XSS_All_Clients | root/contact.jsp | Checkmarx |
48 | High | Client_DOM_XSS | root/advanced.jsp | Checkmarx |
Scan submitted to Checkmarx