hhucn / webvulnscan

automated web application vulnerability scanner
MIT License

SQL Injection vulnerability in vulnsrv not found #63

Open phihag opened 11 years ago

phihag commented 11 years ago
```
$ python -m webvulnscan localhost:8666
Vulnerability: http://localhost:8666/csrf/send CSRF Vulnerability
Vulnerability: http://localhost:8666/xss/?username=%3Cscript%3Ealert%28%22XSS_STRING%22%29%3B%3C%2Fscript%3E XSS in URL parameter username
```

There should be at least one report about the SQL injection vulnerability.

phihag commented 11 years ago

We need a generic way to detect soft 500s (i.e. errors that are still served as 200), for example by sending two innocuous requests, finding the similarities, and then sending a third test request.
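One way to implement the comparison described in the comment above, as an added example that is not webvulnscan's own code: the two innocuous responses are reduced to the tokens they share, and the test response is flagged when it no longer contains most of that shared skeleton. The function names, the 0.8 threshold and the sample pages are assumptions constructed for illustration.

```python
import difflib
import re

def tokens(body):
    # Split into tags and words so a changed value only affects a few tokens.
    return re.findall(r"<[^>]+>|[^<\s]+", body)

def stable_tokens(a, b):
    """Tokens shared, in order, by two innocuous responses (the page skeleton)."""
    ta, tb = tokens(a), tokens(b)
    sm = difflib.SequenceMatcher(None, ta, tb, autojunk=False)
    out = []
    for blk in sm.get_matching_blocks():
        out.extend(ta[blk.a:blk.a + blk.size])
    return out

def skeleton_coverage(skeleton, body):
    """Fraction of the skeleton that still appears, in order, in body."""
    if not skeleton:
        return 1.0  # nothing stable to compare against: do not flag
    sm = difflib.SequenceMatcher(None, skeleton, tokens(body), autojunk=False)
    return sum(blk.size for blk in sm.get_matching_blocks()) / len(skeleton)

def is_soft_error(baseline_a, baseline_b, test_body, threshold=0.8):
    """True when the test response deviates from what both baselines share."""
    skeleton = stable_tokens(baseline_a, baseline_b)
    return skeleton_coverage(skeleton, test_body) < threshold

# Constructed sample bodies; all three are imagined as served with HTTP 200.
PAGE = ("<html><head><title>Search</title></head><body><h1>Results for {q}</h1>"
        "<ul><li>{q} {item}</li></ul><p>1 result</p></body></html>")
BASE_A = PAGE.format(q="apple", item="pie")
BASE_B = PAGE.format(q="pear", item="tart")
BENIGN = PAGE.format(q="grape", item="jam")
SOFT_500 = ("<html><head><title>Error</title></head><body><h1>Internal error</h1>"
            "<pre>OperationalError: syntax error</pre></body></html>")

if __name__ == "__main__":
    for name, body in (("benign", BENIGN), ("soft 500", SOFT_500)):
        print(name, is_soft_error(BASE_A, BASE_B, body))
```
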