Semgrep ShouldaFound reported a possible false negative. The issue is described below:
For a pentest demonstration, I made this vulnerable SQL request on a login functionality in a Symfony 6.2 repository file, and as the variable is concatenated, there is an injection that the sql-injection ruleset does not find.
A playground link was also created for this shouldafound. See here: https://semgrep.dev/s/DpEY