cxdcox / DVWA

git clone https://github.com/ethicalhack3r/DVWA.git
GNU General Public License v3.0

CX XSRF @ dvwa/includes/DBMS/PGSQL.php [master] #76

Open cxdcox opened 4 years ago

cxdcox commented 4 years ago

XSRF issue exists @ dvwa/includes/DBMS/PGSQL.php in branch master

Method <?php at line 1 of dvwa\includes\DBMS\PGSQL.php gets a parameter from a user request from _SERVER. This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (XSRF).

Severity: Medium

CWE:352

Checkmarx

Lines: 56
Code (Line #56):

$baseUrl = 'http://'.$_SERVER[ 'SERVER_NAME' ].$_SERVER[ 'PHP_SELF' ];

cxdcox commented 4 years ago

Issue still exists.