jbruinaud / BodgeitCxFlowGithub


Update README.md #39

Open jbruinaud opened 2 years ago

jbruinaud commented 2 years ago

Scan submitted to Checkmarx

jbruinaud commented 2 years ago

Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 396 vulnerabilities: High 64, Medium 83, Low 249, Info 0

Violation Summary

High 32, Low 211, Medium 28

View more details on Checkmarx UI

Cx-SAST Details

Lines Severity Category File Link
34 35 36 Medium Session_Fixation root/register.jsp Checkmarx
48 Medium Session_Fixation src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
22 23 24 Medium Session_Fixation root/login.jsp Checkmarx
3 4 5 Medium Session_Fixation root/logout.jsp Checkmarx
1 Medium Missing_HSTS_Header root/about.jsp Checkmarx
0 Medium HttpOnlyCookies_In_Config root/WEB-INF/web.xml Checkmarx
40 Medium Client_Potential_XSS root/js/advanced.js Checkmarx
10 Medium CSRF root/password.jsp Checkmarx
6 7 46 51 Medium CSRF root/register.jsp Checkmarx
7 8 35 40 Medium CSRF root/login.jsp Checkmarx
38 43 148 160 212 Medium CSRF root/basket.jsp Checkmarx
11 Medium CSRF root/contact.jsp Checkmarx
24 Low Use_of_Non_Cryptographic_Random root/home.jsp Checkmarx
54 Low Use_of_Non_Cryptographic_Random root/contact.jsp Checkmarx
8 12 20 30 41 49 Low Use_of_Non_Cryptographic_Random root/init.jsp Checkmarx
93 95 188 201 202 Low Unsynchronized_Access_To_Shared_Data src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
7 8 Low Trust_Boundary_Violation_in_Session_Variables root/login.jsp Checkmarx
6 Low Trust_Boundary_Violation_in_Session_Variables root/register.jsp Checkmarx
175 Low TruffleHog_HighEntropy_Strings root/init.jsp Checkmarx
123 Low TruffleHog_HighEntropy_Strings src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
34580 34585 34586 34620 34621 34622 34649 34652 34653 34656 34657 34658 264190 264191 264192 264195 264196 264207 264208 264209 264214 264215 264216 264217 264218 Low TruffleHog_HighEntropy_Strings lib/selenium-server-standalone-2.43.0.jar Checkmarx
551 888 5630 18364 20746 21031 21033 21045 26789 28064 31199 31600 33630 35392 38510 39820 42607 43678 46825 48890 50008 50109 51863 54125 54771 57195 60371 61177 65786 67539 71071 71515 72268 72663 72832 76608 Low TruffleHog_HighEntropy_Strings lib/zap-api-v2-9.jar Checkmarx
7 Low Suspected_XSS root/password.jsp Checkmarx
14 Low Suspected_XSS root/header.jsp Checkmarx
7 Low Suspected_XSS root/contact.jsp Checkmarx
15 Low Stored_Boundary_Violation root/login.jsp Checkmarx
84 Low Sensitive_Cookie_in_HTTPS_Session_Without_Secure_Attribute root/basket.jsp Checkmarx
61 Low Sensitive_Cookie_in_HTTPS_Session_Without_Secure_Attribute root/register.jsp Checkmarx
56 Low Sensitive_Cookie_in_HTTPS_Session_Without_Secure_Attribute root/login.jsp Checkmarx
38 Low Reliance_on_Cookies_in_a_Decision root/basket.jsp Checkmarx
35 Low Reliance_on_Cookies_in_a_Decision root/login.jsp Checkmarx
46 Low Reliance_on_Cookies_in_a_Decision root/register.jsp Checkmarx
32 Low Race_Condition_Format_Flaw root/home.jsp Checkmarx
51 72 Low Race_Condition_Format_Flaw root/product.jsp Checkmarx
262 263 267 Low Race_Condition_Format_Flaw root/basket.jsp Checkmarx
1 Low Potential_Clickjacking_on_Legacy_Browsers root/advanced.jsp Checkmarx
39 Low Portability_Flaw_Locale_Dependent_Comparison root/register.jsp Checkmarx
83 Low Portability_Flaw_Locale_Dependent_Comparison root/login.jsp Checkmarx
13 Low Portability_Flaw_Locale_Dependent_Comparison root/search.jsp Checkmarx
153 Low Portability_Flaw_Locale_Dependent_Comparison src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
26 Low Portability_Flaw_Locale_Dependent_Comparison src/com/thebodgeitstore/search/SearchResult.java Checkmarx
82 Low Plaintext_Storage_in_a_Cookie root/basket.jsp Checkmarx
96 105 Low Not_Using_a_Random_IV_with_CBC_Mode src/com/thebodgeitstore/util/AES.java Checkmarx
3 Low Missing_X_Frame_Options build/WEB-INF/web.xml Checkmarx
17 Low Missing_Content_Security_Policy root/admin.jsp Checkmarx
45 58 Low Information_Leak_Through_Comments root/register.jsp Checkmarx
26 Low Information_Leak_Through_Comments root/login.jsp Checkmarx
12 Low Information_Leak_Through_Comments root/advanced.jsp Checkmarx
55 Low Information_Exposure_Through_an_Error_Message root/search.jsp Checkmarx
35 Low Information_Exposure_Through_an_Error_Message root/score.jsp Checkmarx
62 86 116 125 195 272 Low Information_Exposure_Through_an_Error_Message root/basket.jsp Checkmarx
64 75 Low Information_Exposure_Through_an_Error_Message root/register.jsp Checkmarx
96 Low Information_Exposure_Through_an_Error_Message root/header.jsp Checkmarx
39 Low Information_Exposure_Through_an_Error_Message root/home.jsp Checkmarx
72 Low Information_Exposure_Through_an_Error_Message root/contact.jsp Checkmarx
95 Low Information_Exposure_Through_an_Error_Message root/product.jsp Checkmarx
52 Low Information_Exposure_Through_an_Error_Message root/admin.jsp Checkmarx
60 Low Information_Exposure_Through_an_Error_Message root/login.jsp Checkmarx
7 8 Low Information_Exposure_Through_Query_String root/register.jsp Checkmarx
10 11 Low Information_Exposure_Through_Query_String root/password.jsp Checkmarx
8 Low Information_Exposure_Through_Query_String root/login.jsp Checkmarx
10 Low Improper_Resource_Shutdown_or_Release root/dbconnection.jspf Checkmarx
67 Low Improper_Resource_Shutdown_or_Release root/init.jsp Checkmarx
63 Low Improper_Resource_Access_Authorization root/contact.jsp Checkmarx
186 Low Improper_Resource_Access_Authorization src/com/thebodgeitstore/search/AdvancedSearch.java Checkmarx
42 59 Low Improper_Resource_Access_Authorization root/product.jsp Checkmarx
91 98 Low Improper_Resource_Access_Authorization root/header.jsp Checkmarx
34 57 Low Improper_Resource_Access_Authorization root/search.jsp Checkmarx
14 25 Low Improper_Resource_Access_Authorization root/home.jsp Checkmarx
15 28 30 32 51 54 62 86 Low Improper_Resource_Access_Authorization root/login.jsp Checkmarx
24 Low Improper_Resource_Access_Authorization root/password.jsp Checkmarx
55 79 80 101 109 110 113 166 173 181 188 223 228 242 274 Low Improper_Resource_Access_Authorization root/basket.jsp Checkmarx
14 Low Improper_Resource_Access_Authorization root/score.jsp Checkmarx
29 30 59 60 Low Improper_Resource_Access_Authorization root/register.jsp Checkmarx
16 28 40 Low Improper_Resource_Access_Authorization root/admin.jsp Checkmarx
5 8 Low Heap_Inspection root/init.jsp Checkmarx
10 11 Low Heap_Inspection root/password.jsp Checkmarx
103 Low Heap_Inspection src/com/thebodgeitstore/util/AES.java Checkmarx
8 Low Heap_Inspection root/login.jsp Checkmarx
7 8 Low Heap_Inspection root/register.jsp Checkmarx
18 49 Low Escape_False root/search.jsp Checkmarx
57 Low Escape_False root/password.jsp Checkmarx
89 90 Low Escape_False root/contact.jsp Checkmarx
26 27 46 47 62 Low Escape_False root/advanced.jsp Checkmarx
67 Low Empty_Password_In_Connection_String root/init.jsp Checkmarx
10 Low Empty_Password_In_Connection_String root/dbconnection.jspf Checkmarx
89 Low Empty_Password_In_Connection_String root/header.jsp Checkmarx
19 20 22 Low Collapse_of_Data_into_Unsafe_Value root/contact.jsp Checkmarx
28 Low Client_JQuery_Deprecated_Symbols root/js/advanced.js Checkmarx
48 Low Client_DOM_Open_Redirect root/advanced.jsp Checkmarx
43 148 212 Low Blind_SQL_Injections root/basket.jsp Checkmarx
10 Low Blind_SQL_Injections root/password.jsp Checkmarx
6 7 51 Low Blind_SQL_Injections root/register.jsp Checkmarx
7 8 40 Low Blind_SQL_Injections root/login.jsp Checkmarx
34 High Stored_XSS root/search.jsp Checkmarx
15 High Stored_XSS root/login.jsp Checkmarx
16 High Stored_XSS root/admin.jsp Checkmarx
14 High Stored_XSS root/score.jsp Checkmarx
91 High Stored_XSS root/header.jsp Checkmarx
25 High Stored_XSS root/home.jsp Checkmarx
42 59 High Stored_XSS root/product.jsp Checkmarx
242 High Stored_XSS root/basket.jsp Checkmarx
63 High Stored_XSS root/contact.jsp Checkmarx
15 High Second_Order_SQL_Injection root/login.jsp Checkmarx
38 43 148 212 High SQL_Injection root/basket.jsp Checkmarx
10 High SQL_Injection root/password.jsp Checkmarx
7 8 35 40 High SQL_Injection root/login.jsp Checkmarx
6 7 46 51 High SQL_Injection root/register.jsp Checkmarx
38 High Reflected_XSS_All_Clients root/basket.jsp Checkmarx
6 46 High Reflected_XSS_All_Clients root/register.jsp Checkmarx
11 High Reflected_XSS_All_Clients root/contact.jsp Checkmarx
10 High Reflected_XSS_All_Clients root/search.jsp Checkmarx
7 35 High Reflected_XSS_All_Clients root/login.jsp Checkmarx
48 High Client_DOM_XSS root/advanced.jsp Checkmarx