search

jvlstuff / JavaVulnerableLab

lab
GNU General Public License v2.0
0 stars 1 forks source link

Juegge filter on state status #184

Closed juegge closed 2 years ago

github-actions[bot] commented 2 years ago

Scan submitted to Checkmarx

github-actions[bot] commented 2 years ago

Logo Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 296 vulnerabilities High 128 High Medium 142 Medium Low 26 Low Info 0 Info

Violation Summary

High 63 High

View more details on Checkmarx UI

Cx-SAST Details

Lines Severity Category File Link
35 36 High XPath_Injection src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java Checkmarx
19 High Stored_XSS src/main/webapp/admin/adminlogin.jsp Checkmarx
21 29 High Stored_XSS src/main/webapp/myprofile.jsp Checkmarx
66 High Stored_XSS src/main/webapp/vulnerability/forum.jsp Checkmarx
12 High Stored_XSS src/main/webapp/vulnerability/forumUsersList.jsp Checkmarx
13 High Stored_XSS src/main/webapp/vulnerability/UserDetails.jsp Checkmarx
14 High Stored_XSS src/main/webapp/vulnerability/forumposts.jsp Checkmarx
16 High Stored_XSS src/main/webapp/vulnerability/DisplayMessage.jsp Checkmarx
52 High Stored_XSS src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java Checkmarx
24 High Stored_XSS src/main/webapp/vulnerability/idor/download.jsp Checkmarx
14 High Stored_XSS src/main/webapp/vulnerability/Messages.jsp Checkmarx
19 High Stored_XSS src/main/webapp/vulnerability/securitymisconfig/pages.jsp Checkmarx
43 High Stored_XSS src/main/webapp/vulnerability/sqli/download_id_union.jsp Checkmarx
42 High Stored_XSS src/main/webapp/ForgotPassword.jsp Checkmarx
43 High Stored_XSS src/main/webapp/vulnerability/sqli/download_id.jsp Checkmarx
19 High Stored_XSS src/main/webapp/admin/manageusers.jsp Checkmarx
19 High Second_Order_SQL_Injection src/main/webapp/admin/adminlogin.jsp Checkmarx
52 High Second_Order_SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java Checkmarx
16 High SQL_Injection src/main/webapp/myprofile.jsp Checkmarx
43 44 High SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/LoginValidator.java Checkmarx
43 44 45 46 47 High SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/Register.java Checkmarx
43 High SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/UsernameCheck.java Checkmarx
8 High SQL_Injection src/main/webapp/vulnerability/UserDetails.jsp Checkmarx
42 High SQL_Injection src/main/webapp/ForgotPassword.jsp Checkmarx
9 High SQL_Injection src/main/webapp/vulnerability/forumposts.jsp Checkmarx
58 60 High SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/Install.java Checkmarx
26 High SQL_Injection src/main/webapp/vulnerability/csrf/change-info.jsp Checkmarx
44 High SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java Checkmarx
16 High SQL_Injection src/main/webapp/vulnerability/DisplayMessage.jsp Checkmarx
50 High SQL_Injection src/main/webapp/vulnerability/Injection/orm.jsp Checkmarx
18 High SQL_Injection src/main/webapp/vulnerability/sqli/download_id.jsp Checkmarx
35 36 High SQL_Injection src/main/java/org/cysecurity/cspf/jvl/controller/XPathQuery.java Checkmarx
37 38 39 High SQL_Injection src/main/webapp/changeCardDetails.jsp Checkmarx
13 High SQL_Injection src/main/webapp/admin/manageusers.jsp Checkmarx
11 High SQL_Injection src/main/webapp/admin/adminlogin.jsp Checkmarx
27 28 High SQL_Injection src/main/webapp/vulnerability/idor/change-email.jsp Checkmarx
18 High SQL_Injection src/main/webapp/vulnerability/sqli/download_id_union.jsp Checkmarx
33 High SQL_Injection src/main/webapp/vulnerability/csrf/changepassword.jsp Checkmarx
16 High Reflected_XSS_All_Clients src/main/webapp/vulnerability/xss/search.jsp Checkmarx
9 High Reflected_XSS_All_Clients src/main/webapp/vulnerability/Injection/xpath_login.jsp Checkmarx
2 High Reflected_XSS_All_Clients src/main/webapp/vulnerability/xss/xss4.jsp Checkmarx
7 26 High Reflected_XSS_All_Clients src/main/webapp/login.jsp Checkmarx
11 18 High Reflected_XSS_All_Clients src/main/webapp/vulnerability/SendMessage.jsp Checkmarx
44 High Reflected_XSS_All_Clients src/main/java/org/cysecurity/cspf/jvl/controller/xxe.java Checkmarx
8 High Reflected_XSS_All_Clients src/main/webapp/vulnerability/UserDetails.jsp Checkmarx
39 High Reflected_XSS_All_Clients src/main/java/org/cysecurity/cspf/jvl/controller/AddPage.java Checkmarx
58 High Connection_String_Injection src/main/java/org/cysecurity/cspf/jvl/controller/Install.java Checkmarx
12 15 High Client_DOM_Stored_XSS src/main/webapp/vulnerability/Injection/xxe.jsp Checkmarx