asp top 10 - Githubissues

ivyhan-se commented 2 years ago

sql injection

secure-code-warrior-for-github[bot] commented 2 years ago

Micro-Learning Topic: SQL injection (Detected by phrase)

Matched on "sql injection"

This is probably one of the two most exploited vulnerabilities in web applications and has led to a number of high profile company breaches. It occurs when an application fails to sanitize or validate input before using it to dynamically construct a statement. An attacker that exploits this vulnerability will be able to gain access to the underlying database and view or modify data without permission.

Try this challenge in Secure Code Warrior

ivyhan-se commented 2 years ago

CWE 494

secure-code-warrior-for-github[bot] commented 2 years ago

Micro-Learning Topic: Download of Code Without Integrity Check (CWE 494)

Matched on "CWE 494"

What is this? (2min video)

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

ivyhan-se / mini-tribble

asp top 10 #1

Micro-Learning Topic: SQL injection (Detected by phrase)

Matched on "sql injection"

Try this challenge in Secure Code Warrior

Micro-Learning Topic: Download of Code Without Integrity Check (CWE 494)

Matched on "CWE 494"

Try this challenge in Secure Code Warrior