Heuristic_SQL_Injection issue exists @ App_Code/DB/MySqlDbProvider.cs in branch master
The application's ButtonCheckEmail_Click method executes an SQL query with GetSecurityQuestionAndAnswer, at line 26 of WebGoatCoins\ForgotPassword.aspx.cs. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.
This apparent database access is seemingly encapsulated in an external component or API.
Thus, it seems that the attacker might be able to inject arbitrary data into the SQL query, by altering the user input row, which is read by the GetSecurityQuestionAndAnswer method, at line 319 of App_Code\DB\MySqlDbProvider.cs. This input then flows through the code to the external API, and from there to a database server, apparently without sanitization.
This may enable an SQL Injection attack, based on heuristic analysis.
Heuristic_SQL_Injection issue exists @ App_Code/DB/MySqlDbProvider.cs in branch master
The application's ButtonCheckEmail_Click method executes an SQL query with GetSecurityQuestionAndAnswer, at line 26 of WebGoatCoins\ForgotPassword.aspx.cs. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly. This apparent database access is seemingly encapsulated in an external component or API. Thus, it seems that the attacker might be able to inject arbitrary data into the SQL query, by altering the user input row, which is read by the GetSecurityQuestionAndAnswer method, at line 319 of App_Code\DB\MySqlDbProvider.cs. This input then flows through the code to the external API, and from there to a database server, apparently without sanitization. This may enable an SQL Injection attack, based on heuristic analysis.
Severity: Low
CWE:89
Checkmarx
Lines: 337 338
Code (Line #337):
Code (Line #338):