cxronen / OpenRoom


CX SQL_Injection @ or-reserve.php [master] #65

Open cxronen opened 4 years ago

cxronen commented 4 years ago

SQL_Injection issue exists @ or-reserve.php in branch master

Method <?php at line 1 of or-reserve.php gets user input from the _POST element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in a database query in method <?php at line 1 of or-reserve.php. This may enable an SQL Injection attack.

Severity: High

CWE:89

Checkmarx

Lines: 26


Code (Line #26):

    $altusername = (isset($_POST["altusername"])?$_POST["altusername"]:"");

cxronen commented 4 years ago

Issue still exists.


SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)