Professional Documents
Culture Documents
JMS Sample Report
JMS Sample Report
Filter Settings
Severity
Included: High, Medium, Low, Information
Excluded: None
Result State
Included: To Verify, Not Exploitable, Confirmed, Urgent, Proposed Not Exploitable
Excluded: None
Assigned to
Included: All
Categories
Included:
Uncategorized All
Custom All
PCI DSS v3.2.1 All
OWASP Top 10 2013 All
FISMA 2014 All
NIST SP 800-53 All
OWASP Top 10 2017 All
OWASP Mobile Top 10 All
2016
ASD STIG 4.10 All
OWASP Top 10 API All
OWASP Top 10 2010 All
OWASP Top 10 2021 All
MOIS(KISA) Secure All
PAGE 1 OF 299
Coding 2021
SANS top 25 All
CWE top 25 All
OWASP ASVS All
ASA Mobile Premium All
ASA Premium All
Top Tier All
ASD STIG 5.2 All
Excluded:
Uncategorized None
Custom None
PCI DSS v3.2.1 None
OWASP Top 10 2013 None
FISMA 2014 None
NIST SP 800-53 None
OWASP Top 10 2017 None
OWASP Mobile Top 10 None
2016
ASD STIG 4.10 None
OWASP Top 10 API None
OWASP Top 10 2010 None
OWASP Top 10 2021 None
MOIS(KISA) Secure None
Coding 2021
SANS top 25 None
CWE top 25 None
OWASP ASVS None
ASA Mobile Premium None
ASA Premium None
Top Tier None
ASD STIG 5.2 None
Results Limit
A limit was not defined
Selected Queries
Selected queries are listed in Result Summary
PAGE 2 OF 299
Result Summary Most Vulnerable Files
Customer.java
Billing.java
High
Medium Vendor.java
Low
Inventory.java
JobCard.java
Top 5 Vulnerabilities
PAGE 3 OF 299
Scan Summary - OWASP Top 10 2017
Further details and elaboration about vulnerabilities and risks can be found at: OWASP Top 10 2017
A6-Security
App. App.
Misconfiguration EASY WIDESPREAD EASY MODERATE 34 34
Specific Specific
*
A9-Using
Components App. App.
AVERAGE WIDESPREAD AVERAGE MODERATE 1 1
with Known Specific Specific
Vulnerabilities*
A10-Insufficient
App. App.
Logging & AVERAGE WIDESPREAD DIFFICULT MODERATE 0 0
Specific Specific
Monitoring
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 4 OF 299
Scan Summary - OWASP Top 10 2021
A2-Cryptographic Failures 8 8
A3-Injection* 118 30
A4-Insecure Design* 45 42
A5-Security Misconfiguration* 0 0
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 5 OF 299
Scan Summary - OWASP Top 10 2013
Further details and elaboration about vulnerabilities and risks can be found at: OWASP Top 10 2013
A2-Broken
EXTERNAL, AFFECTED
Authentication
INTERNAL AVERAGE WIDESPREAD AVERAGE SEVERE DATA AND 4 1
and Session
USERS FUNCTIONS
Management*
EXTERNAL, AFFECTED
A3-Cross-Site VERY
INTERNAL, AVERAGE EASY MODERATE DATA AND 0 0
Scripting (XSS) WIDESPREAD
ADMIN USERS SYSTEM
A4-Insecure
SYSTEM EXPOSED
Direct Object EASY COMMON EASY MODERATE 20 8
USERS DATA
References*
A5-Security EXTERNAL,
ALL DATA
Misconfiguration INTERNAL, EASY COMMON EASY MODERATE 33 33
AND SYSTEM
* ADMIN USERS
EXTERNAL,
INTERNAL,
A6-Sensitive EXPOSED
ADMIN DIFFICULT UNCOMMON AVERAGE SEVERE 7 7
Data Exposure* DATA
USERS, USERS
BROWSERS
A8-Cross-Site AFFECTED
USERS
Request Forgery AVERAGE COMMON EASY MODERATE DATA AND 35 10
BROWSERS
(CSRF) FUNCTIONS
A9-Using EXTERNAL
AFFECTED
Components USERS,
AVERAGE WIDESPREAD DIFFICULT MODERATE DATA AND 1 1
with Known AUTOMATED
FUNCTIONS
Vulnerabilities* TOOLS
A10-Unvalidated AFFECTED
USERS
Redirects and AVERAGE WIDESPREAD DIFFICULT MODERATE DATA AND 0 0
BROWSERS
Forwards FUNCTIONS
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 6 OF 299
Scan Summary - PCI DSS v3.2.1
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 7 OF 299
Scan Summary - FISMA 2014
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 8 OF 299
Scan Summary - NIST SP 800-53
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 9 OF 299
Scan Summary - OWASP Mobile Top 10 2016
PAGE 10 OF 299
modify the application's data and resources. This
can provide the attacker a direct method of
subverting the intended use of the software for
personal or monetary gain.
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 11 OF 299
Scan Summary - Custom
Check 0 0
Optional 0 0
PAGE 12 OF 299
Scan Summary - ASD STIG 4.10
APSC-DV-000650 - CAT II The application must not write sensitive data into the application logs. 0 0
APSC-DV-000660 - CAT II The application must provide audit record generation capability for session
0 0
timeouts.
APSC-DV-000670 - CAT II The application must record a time stamp indicating when the event occurred. 0 0
APSC-DV-000680 - CAT II The application must provide audit record generation capability for HTTP
0 0
headers including User-Agent, Referer, GET, and POST.
APSC-DV-000690 - CAT II The application must provide audit record generation capability for connecting
0 0
system IP addresses.
APSC-DV-000700 - CAT II The application must record the username or user ID of the user associated with
0 0
the event.
APSC-DV-000710 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to grant privileges occur.
APSC-DV-000720 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to access security objects occur.
APSC-DV-000730 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to access security levels occur.
APSC-DV-000740 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to access categories of information (e.g., classification levels) occur.
APSC-DV-000750 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify privileges occur.
APSC-DV-000760 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify security objects occur.
APSC-DV-000770 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify security levels occur.
APSC-DV-000780 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify categories of information (e.g., classification levels) occur.
APSC-DV-000790 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete privileges occur.
APSC-DV-000800 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete security levels occur.
APSC-DV-000810 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete application database security objects occur.
APSC-DV-000820 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete categories of information (e.g., classification levels) occur.
APSC-DV-000830 - CAT II The application must generate audit records when successful/unsuccessful
0 0
logon attempts occur.
APSC-DV-000840 - CAT II The application must generate audit records for privileged activities or other
0 0
system-level access.
APSC-DV-000850 - CAT II The application must generate audit records showing starting and ending time
0 0
for user access to the system.
APSC-DV-000860 - CAT II The application must generate audit records when successful/unsuccessful
0 0
accesses to objects occur.
PAGE 13 OF 299
APSC-DV-000870 - CAT II The application must generate audit records for all direct access to the
0 0
information system.
APSC-DV-000880 - CAT II The application must generate audit records for all account creations,
0 0
modifications, disabling, and termination events.
APSC-DV-000910 - CAT II The application must initiate session auditing upon startup. 0 0
APSC-DV-000960 - CAT II The application must log user actions involving access to data. 0 0
APSC-DV-000970 - CAT II The application must log user actions involving changes to data. 0 0
APSC-DV-000980 - CAT II The application must produce audit records containing information to establish
0 0
when (date and time) the events occurred.
APSC-DV-000990 - CAT II The application must produce audit records containing enough information to
0 0
establish which component, feature or function of the application triggered the audit event.
APSC-DV-001000 - CAT II When using centralized logging; the application must include a unique identifier
0 0
in order to distinguish itself from other application logs.
APSC-DV-001010 - CAT II The application must produce audit records that contain information to
0 0
establish the outcome of the events.
APSC-DV-001020 - CAT II The application must generate audit records containing information that
0 0
establishes the identity of any individual or process associated with the event.
APSC-DV-001030 - CAT II The application must generate audit records containing the full-text recording
0 0
of privileged commands or the individual identities of group account users.
APSC-DV-001040 - CAT II The application must implement transaction recovery logs when transaction
0 0
based.
APSC-DV-001050 - CAT II The application must provide centralized management and configuration of the
0 0
content to be captured in audit records generated by all application components.
APSC-DV-001070 - CAT II The application must off-load audit records onto a different system or media
0 0
than the system being audited.
APSC-DV-001080 - CAT II The application must be configured to write application logs to a centralized log
0 0
repository.
APSC-DV-001090 - CAT II The application must provide an immediate warning to the SA and ISSO (at a
minimum) when allocated audit record storage volume reaches 75% of repository maximum audit record 0 0
storage capacity.
APSC-DV-001100 - CAT II Applications categorized as having a moderate or high impact must provide an
0 0
immediate real-time alert to the SA and ISSO (at a minimum) for all audit failure events.
APSC-DV-001110 - CAT II The application must alert the ISSO and SA (at a minimum) in the event of an
0 0
audit processing failure.
APSC-DV-001120 - CAT II The application must shut down by default upon audit failure (unless availability
0 0
is an overriding concern).
APSC-DV-001130 - CAT II The application must provide the capability to centrally review and analyze audit
0 0
records from multiple components within the system.
APSC-DV-001140 - CAT II The application must provide the capability to filter audit records for events of
0 0
interest based upon organization-defined criteria.
APSC-DV-001150 - CAT II The application must provide an audit reduction capability that supports on-
0 0
demand reporting requirements.
APSC-DV-001160 - CAT II The application must provide an audit reduction capability that supports on-
0 0
demand audit review and analysis.
APSC-DV-001170 - CAT II The application must provide an audit reduction capability that supports after-
0 0
the-fact investigations of security incidents.
APSC-DV-001180 - CAT II The application must provide a report generation capability that supports on-
0 0
demand audit review and analysis.
PAGE 14 OF 299
APSC-DV-001190 - CAT II The application must provide a report generation capability that supports on-
0 0
demand reporting requirements.
APSC-DV-001200 - CAT II The application must provide a report generation capability that supports after-
0 0
the-fact investigations of security incidents.
APSC-DV-001210 - CAT II The application must provide an audit reduction capability that does not alter
0 0
original content or time ordering of audit records.
APSC-DV-001220 - CAT II The application must provide a report generation capability that does not alter
0 0
original content or time ordering of audit records.
APSC-DV-001250 - CAT II The applications must use internal system clocks to generate time stamps for
0 0
audit records.
APSC-DV-001260 - CAT II The application must record time stamps for audit records that can be mapped
0 0
to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).
APSC-DV-001270 - CAT II The application must record time stamps for audit records that meet a
0 0
granularity of one second for a minimum degree of precision.
APSC-DV-001280 - CAT II The application must protect audit information from any type of unauthorized
0 0
read access.
APSC-DV-001290 - CAT II The application must protect audit information from unauthorized modification. 0 0
APSC-DV-001300 - CAT II The application must protect audit information from unauthorized deletion. 0 0
APSC-DV-001310 - CAT II The application must protect audit tools from unauthorized access. 0 0
APSC-DV-001320 - CAT II The application must protect audit tools from unauthorized modification. 0 0
APSC-DV-001330 - CAT II The application must protect audit tools from unauthorized deletion. 0 0
APSC-DV-001340 - CAT II The application must back up audit records at least every seven days onto a
0 0
different system or system component than the system or component being audited.
APSC-DV-001570 - CAT II The application must electronically verify Personal Identity Verification (PIV)
0 0
credentials.
APSC-DV-001350 - CAT II The application must use cryptographic mechanisms to protect the integrity of
0 0
audit information.
APSC-DV-001370 - CAT II The integrity of the audit tools must be validated by checking the files for
0 0
changes in the cryptographic hash value.
APSC-DV-001390 - CAT II The application must prohibit user installation of software without explicit
0 0
privileged status.
APSC-DV-001410 - CAT II The application must enforce access restrictions associated with changes to
0 0
application configuration.
APSC-DV-001420 - CAT II The application must audit who makes configuration changes to the application. 0 0
APSC-DV-001430 - CAT II The application must have the capability to prevent the installation of patches,
service packs, or application components without verification the software component has been digitally 0 0
signed using a certificate that is recognized and approved by the orga
APSC-DV-001440 - CAT II The applications must limit privileges to change the software resident within
0 0
software libraries.
APSC-DV-001480 - CAT II The application must prevent program execution in accordance with
organization-defined policies regarding software program usage and restrictions, and/or rules authorizing 0 0
the terms and conditions of software program usage.
APSC-DV-001490 - CAT II The application must employ a deny-all, permit-by-exception (whitelist) policy
0 0
to allow the execution of authorized software programs.
APSC-DV-001510 - CAT II The application must be configured to use only functions, ports, and protocols
0 0
permitted to it in the PPSM CAL.
PAGE 15 OF 299
APSC-DV-001520 - CAT II The application must require users to reauthenticate when organization-defined
0 0
circumstances or situations require reauthentication.
APSC-DV-001530 - CAT II The application must require devices to reauthenticate when organization-
0 0
defined circumstances or situations requiring reauthentication.
APSC-DV-001540 - CAT I The application must uniquely identify and authenticate organizational users (or
0 0
processes acting on behalf of organizational users).
APSC-DV-001550 - CAT II The application must use multifactor (Alt. Token) authentication for network
0 0
access to privileged accounts.
APSC-DV-001560 - CAT II The application must accept Personal Identity Verification (PIV) credentials. 0 0
APSC-DV-001580 - CAT II The application must use multifactor (e.g., CAC, Alt. Token) authentication for
0 0
network access to non-privileged accounts.
APSC-DV-001590 - CAT II The application must use multifactor (Alt. Token) authentication for local access
0 0
to privileged accounts.
APSC-DV-001600 - CAT II The application must use multifactor (e.g., CAC, Alt. Token) authentication for
0 0
local access to non-privileged accounts.
APSC-DV-001610 - CAT II The application must ensure users are authenticated with an individual
0 0
authenticator prior to using a group authenticator.
APSC-DV-001620 - CAT II The application must implement replay-resistant authentication mechanisms for
0 0
network access to privileged accounts.
APSC-DV-001630 - CAT II The application must implement replay-resistant authentication mechanisms for
0 0
network access to non-privileged accounts.
APSC-DV-001640 - CAT II The application must utilize mutual authentication when endpoint device non-
0 0
repudiation protections are required by DoD policy or by the data owner.
APSC-DV-001650 - CAT II The application must authenticate all network connected endpoint devices
0 0
before establishing any connection.
APSC-DV-001670 - CAT II The application must disable device identifiers after 35 days of inactivity unless
0 0
a cryptographic certificate is used for authentication.
APSC-DV-001680 - CAT I The application must enforce a minimum 15-character password length. 0 0
APSC-DV-001690 - CAT II The application must enforce password complexity by requiring that at least one
0 0
upper-case character be used.
APSC-DV-001700 - CAT II The application must enforce password complexity by requiring that at least one
0 0
lower-case character be used.
APSC-DV-001710 - CAT II The application must enforce password complexity by requiring that at least one
0 0
numeric character be used.
APSC-DV-001720 - CAT II The application must enforce password complexity by requiring that at least one
0 0
special character be used.
APSC-DV-001730 - CAT II The application must require the change of at least 8 of the total number of
0 0
characters when passwords are changed.
APSC-DV-001740 - CAT I The application must only store cryptographic representations of passwords. 0 0
APSC-DV-001850 - CAT I The application must not display passwords/PINs as clear text. 0 0
APSC-DV-001760 - CAT II The application must enforce 24 hours/1 day as the minimum password lifetime. 0 0
APSC-DV-001770 - CAT II The application must enforce a 60-day maximum password lifetime restriction. 0 0
APSC-DV-001780 - CAT II The application must prohibit password reuse for a minimum of five
0 0
generations.
APSC-DV-001790 - CAT II The application must allow the use of a temporary password for system logons
0 0
with an immediate change to a permanent password.
PAGE 16 OF 299
APSC-DV-001795 - CAT II The application password must not be changeable by users other than the
0 0
administrator or the user with which the password is associated.
APSC-DV-001800 - CAT II The application must terminate existing user sessions upon account deletion. 0 0
APSC-DV-001820 - CAT I The application, when using PKI-based authentication, must enforce authorized
0 0
access to the corresponding private key.
APSC-DV-001830 - CAT II The application must map the authenticated identity to the individual user or
0 0
group account for PKI-based authentication.
APSC-DV-001870 - CAT II The application must uniquely identify and authenticate non-organizational
0 0
users (or processes acting on behalf of non-organizational users).
APSC-DV-001810 - CAT I The application, when utilizing PKI-based authentication, must validate
certificates by constructing a certification path (which includes status information) to an accepted trust 0 0
anchor.
APSC-DV-001840 - CAT II The application, for PKI-based authentication, must implement a local cache of
revocation data to support path discovery and validation in case of the inability to access revocation 0 0
information via the network.
APSC-DV-001860 - CAT II The application must use mechanisms meeting the requirements of applicable
federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for authentication 0 0
to a cryptographic module.
APSC-DV-001880 - CAT II The application must accept Personal Identity Verification (PIV) credentials from
0 0
other federal agencies.
APSC-DV-001890 - CAT II The application must electronically verify Personal Identity Verification (PIV)
0 0
credentials from other federal agencies.
APSC-DV-002050 - CAT II Applications making SAML assertions must use FIPS-approved random numbers
0 0
in the generation of SessionIndex in the SAML element AuthnStatement.
APSC-DV-001930 - CAT II Applications used for non-local maintenance sessions must audit non-local
0 0
maintenance and diagnostic sessions for organization-defined auditable events.
APSC-DV-000310 - CAT III The application must have a process, feature or function that prevents removal
0 0
or disabling of emergency accounts.
APSC-DV-001940 - CAT II Applications used for non-local maintenance sessions must implement
cryptographic mechanisms to protect the integrity of non-local maintenance and diagnostic 0 0
communications.
APSC-DV-001950 - CAT II Applications used for non-local maintenance sessions must implement
cryptographic mechanisms to protect the confidentiality of non-local maintenance and diagnostic 0 0
communications.
APSC-DV-001960 - CAT II Applications used for non-local maintenance sessions must verify remote
0 0
disconnection at the termination of non-local maintenance and diagnostic sessions.
APSC-DV-001970 - CAT II The application must employ strong authenticators in the establishment of non-
0 0
local maintenance and diagnostic sessions.
APSC-DV-001980 - CAT II The application must terminate all sessions and network connections when non-
0 0
local maintenance is completed.
APSC-DV-002000 - CAT II The application must terminate all network connections associated with a
0 0
communications session at the end of the session.
APSC-DV-002020 - CAT II The application must utilize FIPS-validated cryptographic modules when signing
0 0
application components.
APSC-DV-002030 - CAT II The application must utilize FIPS-validated cryptographic modules when
0 0
generating cryptographic hashes.
PAGE 17 OF 299
APSC-DV-002040 - CAT II The application must utilize FIPS-validated cryptographic modules when
0 0
protecting unclassified information that requires cryptographic protection.
APSC-DV-002150 - CAT II The application user interface must be either physically or logically separated
0 0
from data storage and management interfaces.
APSC-DV-002210 - CAT II The application must set the HTTPOnly flag on session cookies. 0 0
APSC-DV-002220 - CAT II The application must set the secure flag on session cookies. 0 0
APSC-DV-002240 - CAT I The application must destroy the session ID value and/or cookie on logoff or
0 0
browser close.
APSC-DV-002250 - CAT II Applications must use system-generated session identifiers that protect against
0 0
session fixation.
APSC-DV-002270 - CAT II Applications must not use URL embedded session IDs. 0 0
APSC-DV-002280 - CAT II The application must not re-use or recycle session IDs. 0 0
APSC-DV-002290 - CAT II The application must use the Federal Information Processing Standard (FIPS)
140-2-validated cryptographic modules and random number generator if the application implements 0 0
encryption, key exchange, digital signature, and hash functionality.
APSC-DV-002300 - CAT II The application must only allow the use of DoD-approved certificate authorities
0 0
for verification of the establishment of protected sessions.
APSC-DV-002310 - CAT I The application must fail to a secure state if system initialization fails, shutdown
0 0
fails, or aborts fail.
APSC-DV-002320 - CAT II In the event of a system failure, applications must preserve any information
necessary to determine cause of failure and any information necessary to return to operations with least 0 0
disruption to mission processes.
APSC-DV-002330 - CAT II The application must protect the confidentiality and integrity of stored
0 0
information when required by DoD policy or the information owner.
APSC-DV-002350 - CAT II The application must use appropriate cryptography in order to protect stored
0 0
DoD information when required by the information owner or DoD policy.
APSC-DV-002360 - CAT II The application must isolate security functions from non-security functions. 0 0
APSC-DV-002370 - CAT II The application must maintain a separate execution domain for each executing
0 0
process.
APSC-DV-002380 - CAT II Applications must prevent unauthorized and unintended information transfer
0 0
via shared system resources.
APSC-DV-002390 - CAT II XML-based applications must mitigate DoS attacks by using XML filters, parser
0 0
options, or gateways.
APSC-DV-002400 - CAT II The application must restrict the ability to launch Denial of Service (DoS) attacks
0 0
against itself or other information systems.
APSC-DV-002410 - CAT II The web service design must include redundancy mechanisms when used with
0 0
high-availability systems.
APSC-DV-002420 - CAT II An XML firewall function must be deployed to protect web services when
0 0
exposed to untrusted networks.
APSC-DV-002610 - CAT II The application must remove organization-defined software components after
0 0
updated versions have been installed.
APSC-DV-002440 - CAT I The application must protect the confidentiality and integrity of transmitted
0 0
information.
PAGE 18 OF 299
APSC-DV-002460 - CAT II The application must maintain the confidentiality and integrity of information
0 0
during preparation for transmission.
APSC-DV-002470 - CAT II The application must maintain the confidentiality and integrity of information
0 0
during reception.
APSC-DV-002480 - CAT II The application must not disclose unnecessary information to users. 0 0
APSC-DV-002485 - CAT I The application must not store sensitive information in hidden fields. 0 0
APSC-DV-002490 - CAT I The application must protect from Cross-Site Scripting (XSS) vulnerabilities. 0 0
APSC-DV-002500 - CAT II The application must protect from Cross-Site Request Forgery (CSRF)
0 0
vulnerabilities.
APSC-DV-002520 - CAT II The application must protect from canonical representation vulnerabilities. 0 0
APSC-DV-002560 - CAT I The application must not be subject to input handling vulnerabilities. 0 0
APSC-DV-002570 - CAT II The application must generate error messages that provide information
0 0
necessary for corrective actions without revealing information that could be exploited by adversaries.
APSC-DV-002580 - CAT II The application must reveal error messages only to the ISSO, ISSM, or SA. 0 0
APSC-DV-002630 - CAT II Security-relevant software updates and patches must be kept up to date. 0 0
APSC-DV-002760 - CAT II The application performing organization-defined security functions must verify
0 0
correct operation of security functions.
APSC-DV-002900 - CAT II The ISSO must ensure application audit trails are retained for at least 1 year for
0 0
applications without SAMI data, and 5 years for applications including SAMI data.
APSC-DV-002770 - CAT II The application must perform verification of the correct operation of security
functions: upon system startup and/or restart; upon command by a user with privileged access; and/or 0 0
every 30 days.
APSC-DV-002780 - CAT III The application must notify the ISSO and ISSM of failed security verification
0 0
tests.
APSC-DV-002870 - CAT II Unsigned Category 1A mobile code must not be used in the application in
0 0
accordance with DoD policy.
APSC-DV-002880 - CAT II The ISSO must ensure an account management process is implemented,
verifying only authorized users can gain access to the application, and individual accounts designated as 0 0
inactive, suspended, or terminated are promptly removed.
APSC-DV-002890 - CAT I Application web servers must be on a separate network segment from the
0 0
application and database servers if it is a tiered application operating in the DoD DMZ.
APSC-DV-002910 - CAT II The ISSO must review audit trails periodically based on system documentation
0 0
recommendations or immediately upon system security events.
APSC-DV-002920 - CAT II The ISSO must report all suspected violations of IA policies in accordance with
0 0
DoD information system IA procedures.
APSC-DV-002930 - CAT II The ISSO must ensure active vulnerability testing is performed. 0 0
APSC-DV-002980 - CAT II New IP addresses, data services, and associated ports used by the application
must be submitted to the appropriate approving authority for the organization, which in turn will be 0 0
submitted through the DoD Ports, Protocols, and Services Management (DoD PPS
APSC-DV-002950 - CAT II Execution flow diagrams and design documents must be created to show how
0 0
deadlock and recursion issues in web services are being mitigated.
APSC-DV-002960 - CAT II The designer must ensure the application does not store configuration and
0 0
control files in the same directory as user data.
APSC-DV-002970 - CAT II The ISSO must ensure if a DoD STIG or NSA guide is not available, a third-party 0 0
PAGE 19 OF 299
product will be configured by following available guidance.
APSC-DV-002990 - CAT II The application must be registered with the DoD Ports and Protocols Database. 0 0
APSC-DV-002990 - CAT II The application must be registered with the DoD Ports and Protocols Database. 0 0
APSC-DV-002995 - CAT II The Configuration Management (CM) repository must be properly patched and
0 0
STIG compliant.
APSC-DV-003000 - CAT II Access privileges to the Configuration Management (CM) repository must be
0 0
reviewed every three months.
APSC-DV-003010 - CAT II A Software Configuration Management (SCM) plan describing the configuration
control and change management process of application objects developed by the organization and the 0 0
roles and responsibilities of the organization must be created and maintained.
APSC-DV-003020 - CAT II A Configuration Control Board (CCB) that meets at least every release cycle, for
0 0
managing the Configuration Management (CM) process must be established.
APSC-DV-003030 - CAT II The application services and interfaces must be compatible with and ready for
0 0
IPv6 networks.
APSC-DV-003040 - CAT II The application must not be hosted on a general purpose machine if the
0 0
application is designated as critical or high availability by the ISSO.
APSC-DV-003050 - CAT II A disaster recovery/continuity plan must exist in accordance with DoD policy
0 0
based on the applications availability requirements.
APSC-DV-003060 - CAT II Recovery procedures and technical system features must exist so recovery is
performed in a secure and verifiable manner. The ISSO will document circumstances inhibiting a trusted 0 0
recovery.
APSC-DV-003070 - CAT II Data backup must be performed at required intervals in accordance with DoD
0 0
policy.
APSC-DV-003080 - CAT II Back-up copies of the application software or source code must be stored in a
0 0
fire-rated container or stored separately (offsite).
APSC-DV-003090 - CAT II Procedures must be in place to assure the appropriate physical and technical
0 0
protection of the backup and restoration of the application.
APSC-DV-003100 - CAT II The application must use encryption to implement key exchange and
0 0
authenticate endpoints prior to establishing a communication channel for key exchange.
APSC-DV-003110 - CAT I The application must not contain embedded authentication data. 0 0
APSC-DV-003120 - CAT I The application must have the capability to mark sensitive/classified output
0 0
when required.
APSC-DV-003130 - CAT III Prior to each release of the application, updates to system, or applying patches;
0 0
tests plans and procedures must be created and executed.
APSC-DV-003150 - CAT II At least one tester must be designated to test for security flaws in addition to
0 0
functional testing.
APSC-DV-003140 - CAT II Application files must be cryptographically hashed prior to deploying to DoD
0 0
operational networks.
APSC-DV-003160 - CAT III Test procedures must be created and at least annually executed to ensure
0 0
system initialization, shutdown, and aborts are configured to verify the system remains in a secure state.
APSC-DV-003180 - CAT III Code coverage statistics must be maintained for each release of the
0 0
application.
APSC-DV-003190 - CAT II Flaws found during a code review must be tracked in a defect tracking system. 0 0
APSC-DV-003200 - CAT II The changes to the application must be assessed for IA and accreditation
0 0
impact prior to implementation.
APSC-DV-003210 - CAT II Security flaws must be fixed or addressed in the project plan. 0 0
APSC-DV-003215 - CAT III The application development team must follow a set of coding standards. 0 0
APSC-DV-003220 - CAT III The designer must create and update the Design Document for each release of
0 0
the application.
PAGE 20 OF 299
APSC-DV-003230 - CAT II Threat models must be documented and reviewed for each application release
0 0
and updated as required by design and functionality changes or when new threats are discovered.
APSC-DV-003235 - CAT II The application must not be subject to error handling vulnerabilities. 0 0
APSC-DV-003236 - CAT II The application development team must provide an application incident
0 0
response plan.
APSC-DV-003240 - CAT I All products must be supported by the vendor or the development team. 0 0
APSC-DV-003260 - CAT III Procedures must be in place to notify users when an application is
0 0
decommissioned.
APSC-DV-003330 - CAT II The system must alert an administrator when low resource conditions are
0 0
encountered.
APSC-DV-003285 - CAT II An Application Configuration Guide must be created and included with the
0 0
application.
APSC-DV-003290 - CAT II If the application contains classified data, a Security Classification Guide must
0 0
exist containing data elements and their classification.
APSC-DV-003300 - CAT II The designer must ensure uncategorized or emerging mobile code is not used
0 0
in applications.
APSC-DV-003310 - CAT II Production database exports must have database administration credentials and
0 0
sensitive data removed before releasing the export.
APSC-DV-003340 - CAT III At least one application administrator must be registered to receive update
0 0
notifications, or security alerts, when automated alerts are available.
APSC-DV-003360 - CAT III The application must generate audit records when concurrent logons from
0 0
different workstations occur.
APSC-DV-003345 - CAT III The application must provide notifications or alerts when product update and
0 0
security related patches are available.
APSC-DV-003350 - CAT II Connections between the DoD enclave and the Internet or other public or
0 0
commercial wide area networks must require a DMZ.
APSC-DV-003400 - CAT II The Program Manager must verify all levels of program management, designers,
0 0
developers, and testers receive annual security training pertaining to their job function.
APSC-DV-000010 - CAT II The application must provide a capability to limit the number of logon sessions
0 0
per user.
APSC-DV-000060 - CAT II The application must clear temporary storage and cookies when the session is
0 0
terminated.
APSC-DV-000070 - CAT II The application must automatically terminate the non-privileged user session
0 0
and log off non-privileged users after a 15 minute idle time period has elapsed.
APSC-DV-000080 - CAT II The application must automatically terminate the admin user session and log off
0 0
admin users after a 10 minute idle time period is exceeded.
APSC-DV-000090 - CAT II Applications requiring user access authentication must provide a logoff
0 0
capability for user initiated communication session.
APSC-DV-000100 - CAT III The application must display an explicit logoff message to users indicating the
0 0
reliable termination of authenticated communications sessions.
APSC-DV-000110 - CAT II The application must associate organization-defined types of security attributes
0 0
having organization-defined security attribute values with information in storage.
APSC-DV-000120 - CAT II The application must associate organization-defined types of security attributes
0 0
having organization-defined security attribute values with information in process.
APSC-DV-000130 - CAT II The application must associate organization-defined types of security attributes 0 0
PAGE 21 OF 299
having organization-defined security attribute values with information in transmission.
APSC-DV-000160 - CAT II The application must implement DoD-approved encryption to protect the
0 0
confidentiality of remote access sessions.
APSC-DV-000170 - CAT II The application must implement cryptographic mechanisms to protect the
0 0
integrity of remote access sessions.
APSC-DV-000190 - CAT I Messages protected with WS_Security must use time stamps with creation and
0 0
expiration times.
APSC-DV-000180 - CAT II Applications with SOAP messages requiring integrity must include the following
message elements:-Message ID-Service Request-Timestamp-SAML Assertion (optionally included in 0 0
messages) and all elements of the message must be digitally signed.
APSC-DV-000200 - CAT I Validity periods must be verified on all application messages using WS-Security
0 0
or SAML assertions.
APSC-DV-000210 - CAT II The application must ensure each unique asserting party provides unique
0 0
assertion ID references for each SAML assertion.
APSC-DV-000220 - CAT II The application must ensure encrypted assertions, or equivalent confidentiality
protections are used when assertion data is passed through an intermediary, and confidentiality of the 0 0
assertion data is required when passing through the intermediary.
APSC-DV-000230 - CAT I The application must use the NotOnOrAfter condition when using the
0 0
SubjectConfirmation element in a SAML assertion.
APSC-DV-000240 - CAT I The application must use both the NotBefore and NotOnOrAfter elements or
0 0
OneTimeUse element when using the Conditions element in a SAML assertion.
APSC-DV-000250 - CAT II The application must ensure if a OneTimeUse element is used in an assertion,
0 0
there is only one of the same used in the Conditions element portion of an assertion.
APSC-DV-000260 - CAT II The application must ensure messages are encrypted when the SessionIndex is
0 0
tied to privacy data.
APSC-DV-000290 - CAT II Shared/group account credentials must be terminated when members leave the
0 0
group.
APSC-DV-000280 - CAT II The application must provide automated mechanisms for supporting account
0 0
management functions.
APSC-DV-000300 - CAT II The application must automatically remove or disable temporary user accounts
0 0
72 hours after account creation.
APSC-DV-000320 - CAT III The application must automatically disable accounts after a 35 day period of
0 0
account inactivity.
APSC-DV-000420 - CAT II The application must automatically audit account enabling actions. 0 0
APSC-DV-000360 - CAT II The application must automatically audit account disabling actions. 0 0
APSC-DV-000370 - CAT II The application must automatically audit account removal actions. 0 0
APSC-DV-000380 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers when accounts are created.
APSC-DV-000390 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers when accounts are modified.
APSC-DV-000400 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers of account disabling actions.
APSC-DV-000410 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers of account removal actions.
APSC-DV-000430 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers of account enabling actions.
APSC-DV-000440 - CAT II Application data protection requirements must be identified and documented. 0 0
PAGE 22 OF 299
APSC-DV-000520 - CAT II The application must audit the execution of privileged functions. 0 0
APSC-DV-000450 - CAT II The application must utilize organization-defined data mining detection
0 0
techniques for organization-defined data storage objects to adequately detect data mining attempts.
APSC-DV-000460 - CAT I The application must enforce approved authorizations for logical access to
0 0
information and system resources in accordance with applicable access control policies.
APSC-DV-000470 - CAT II The application must enforce organization-defined discretionary access control
0 0
policies over defined subjects and objects.
APSC-DV-000480 - CAT II The application must enforce approved authorizations for controlling the flow
0 0
of information within the system based on organization-defined information flow control policies.
APSC-DV-000490 - CAT II The application must enforce approved authorizations for controlling the flow
of information between interconnected systems based on organization-defined information flow control 0 0
policies.
APSC-DV-000500 - CAT II The application must prevent non-privileged users from executing privileged
functions to include disabling, circumventing, or altering implemented security 0 0
safeguards/countermeasures.
APSC-DV-000510 - CAT I The application must execute without excessive account permissions. 0 0
APSC-DV-000530 - CAT I The application must enforce the limit of three consecutive invalid logon
0 0
attempts by a user during a 15 minute time period.
APSC-DV-000560 - CAT III The application must retain the Standard Mandatory DoD Notice and Consent
Banner on the screen until users acknowledge the usage conditions and take explicit actions to log on for 0 0
further access.
APSC-DV-000540 - CAT II The application administrator must follow an approved process to unlock locked
0 0
user accounts.
APSC-DV-000550 - CAT III The application must display the Standard Mandatory DoD Notice and Consent
0 0
Banner before granting access to the application.
APSC-DV-000570 - CAT III The publicly accessible application must display the Standard Mandatory DoD
0 0
Notice and Consent Banner before granting access to the application.
APSC-DV-000580 - CAT III The application must display the time and date of the users last successful
0 0
logon.
APSC-DV-000630 - CAT II The application must provide audit record generation capability for the
0 0
destruction of session IDs.
APSC-DV-000590 - CAT II The application must protect against an individual (or process acting on behalf
of an individual) falsely denying having performed organization-defined actions to be covered by non- 0 0
repudiation.
APSC-DV-000600 - CAT II For applications providing audit record aggregation, the application must
compile audit records from organization-defined information system components into a system-wide 0 0
audit trail that is time-correlated with an organization-defined level of tolerance
APSC-DV-000610 - CAT II The application must provide the capability for organization-identified
individuals or roles to change the auditing to be performed on all application components, based on all 0 0
selectable event criteria within organization-defined time thresholds.
APSC-DV-000620 - CAT II The application must provide audit record generation capability for the creation
0 0
of session IDs.
PAGE 23 OF 299
Scan Summary - ASD STIG 5.2
APSC-DV-000650 - CAT II The application must not write sensitive data into the application logs. 0 0
APSC-DV-000660 - CAT II The application must provide audit record generation capability for session
0 0
timeouts.
APSC-DV-000670 - CAT II The application must record a time stamp indicating when the event occurred. 0 0
APSC-DV-000680 - CAT II The application must provide audit record generation capability for HTTP
0 0
headers including User-Agent, Referer, GET, and POST.
APSC-DV-000690 - CAT II The application must provide audit record generation capability for connecting
0 0
system IP addresses.
APSC-DV-000700 - CAT II The application must record the username or user ID of the user associated with
0 0
the event.
APSC-DV-000710 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to grant privileges occur.
APSC-DV-000720 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to access security objects occur.
APSC-DV-000730 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to access security levels occur.
APSC-DV-000740 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to access categories of information (e.g., classification levels) occur.
APSC-DV-000750 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify privileges occur.
APSC-DV-000760 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify security objects occur.
APSC-DV-000770 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify security levels occur.
APSC-DV-000780 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to modify categories of information (e.g., classification levels) occur.
APSC-DV-000790 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete privileges occur.
APSC-DV-000800 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete security levels occur.
APSC-DV-000810 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete application database security objects occur.
APSC-DV-000820 - CAT II The application must generate audit records when successful/unsuccessful
0 0
attempts to delete categories of information (e.g., classification levels) occur.
APSC-DV-000830 - CAT II The application must generate audit records when successful/unsuccessful
0 0
logon attempts occur.
APSC-DV-000840 - CAT II The application must generate audit records for privileged activities or other
0 0
system-level access.
APSC-DV-000850 - CAT II The application must generate audit records showing starting and ending time
0 0
for user access to the system.
APSC-DV-000860 - CAT II The application must generate audit records when successful/unsuccessful
0 0
accesses to objects occur.
PAGE 24 OF 299
APSC-DV-000870 - CAT II The application must generate audit records for all direct access to the
0 0
information system.
APSC-DV-000880 - CAT II The application must generate audit records for all account creations,
0 0
modifications, disabling, and termination events.
APSC-DV-000910 - CAT II The application must initiate session auditing upon startup. 0 0
APSC-DV-000960 - CAT II The application must log user actions involving access to data. 0 0
APSC-DV-000970 - CAT II The application must log user actions involving changes to data. 0 0
APSC-DV-000980 - CAT II The application must produce audit records containing information to establish
0 0
when (date and time) the events occurred.
APSC-DV-000990 - CAT II The application must produce audit records containing enough information to
0 0
establish which component, feature or function of the application triggered the audit event.
APSC-DV-001000 - CAT II When using centralized logging; the application must include a unique identifier
0 0
in order to distinguish itself from other application logs.
APSC-DV-001010 - CAT II The application must produce audit records that contain information to
0 0
establish the outcome of the events.
APSC-DV-001020 - CAT II The application must generate audit records containing information that
0 0
establishes the identity of any individual or process associated with the event.
APSC-DV-001030 - CAT II The application must generate audit records containing the full-text recording
0 0
of privileged commands or the individual identities of group account users.
APSC-DV-001040 - CAT II The application must implement transaction recovery logs when transaction
0 0
based.
APSC-DV-001050 - CAT II The application must provide centralized management and configuration of the
0 0
content to be captured in audit records generated by all application components.
APSC-DV-001070 - CAT II The application must off-load audit records onto a different system or media
0 0
than the system being audited.
APSC-DV-001080 - CAT II The application must be configured to write application logs to a centralized log
0 0
repository.
APSC-DV-001090 - CAT II The application must provide an immediate warning to the SA and ISSO (at a
minimum) when allocated audit record storage volume reaches 75% of repository maximum audit record 0 0
storage capacity.
APSC-DV-001100 - CAT II Applications categorized as having a moderate or high impact must provide an
0 0
immediate real-time alert to the SA and ISSO (at a minimum) for all audit failure events.
APSC-DV-001110 - CAT II The application must alert the ISSO and SA (at a minimum) in the event of an
0 0
audit processing failure.
APSC-DV-001120 - CAT II The application must shut down by default upon audit failure (unless availability
0 0
is an overriding concern).
APSC-DV-001130 - CAT II The application must provide the capability to centrally review and analyze audit
0 0
records from multiple components within the system.
APSC-DV-001140 - CAT II The application must provide the capability to filter audit records for events of
0 0
interest based upon organization-defined criteria.
APSC-DV-001150 - CAT II The application must provide an audit reduction capability that supports on-
0 0
demand reporting requirements.
APSC-DV-001160 - CAT II The application must provide an audit reduction capability that supports on-
0 0
demand audit review and analysis.
APSC-DV-001170 - CAT II The application must provide an audit reduction capability that supports after-
0 0
the-fact investigations of security incidents.
APSC-DV-001180 - CAT II The application must provide a report generation capability that supports on-
0 0
demand audit review and analysis.
PAGE 25 OF 299
APSC-DV-001190 - CAT II The application must provide a report generation capability that supports on-
0 0
demand reporting requirements.
APSC-DV-001200 - CAT II The application must provide a report generation capability that supports after-
0 0
the-fact investigations of security incidents.
APSC-DV-001210 - CAT II The application must provide an audit reduction capability that does not alter
0 0
original content or time ordering of audit records.
APSC-DV-001220 - CAT II The application must provide a report generation capability that does not alter
0 0
original content or time ordering of audit records.
APSC-DV-001250 - CAT II The applications must use internal system clocks to generate time stamps for
0 0
audit records.
APSC-DV-001260 - CAT II The application must record time stamps for audit records that can be mapped
0 0
to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).
APSC-DV-001270 - CAT II The application must record time stamps for audit records that meet a
0 0
granularity of one second for a minimum degree of precision.
APSC-DV-001280 - CAT II The application must protect audit information from any type of unauthorized
0 0
read access.
APSC-DV-001290 - CAT II The application must protect audit information from unauthorized modification. 0 0
APSC-DV-001300 - CAT II The application must protect audit information from unauthorized deletion. 0 0
APSC-DV-001310 - CAT II The application must protect audit tools from unauthorized access. 0 0
APSC-DV-001320 - CAT II The application must protect audit tools from unauthorized modification. 0 0
APSC-DV-001330 - CAT II The application must protect audit tools from unauthorized deletion. 0 0
APSC-DV-001340 - CAT II The application must back up audit records at least every seven days onto a
0 0
different system or system component than the system or component being audited.
APSC-DV-001570 - CAT II The application must electronically verify Personal Identity Verification (PIV)
0 0
credentials.
APSC-DV-001350 - CAT II The application must use cryptographic mechanisms to protect the integrity of
0 0
audit information.
APSC-DV-001370 - CAT II The integrity of the audit tools must be validated by checking the files for
0 0
changes in the cryptographic hash value.
APSC-DV-001390 - CAT II The application must prohibit user installation of software without explicit
0 0
privileged status.
APSC-DV-001410 - CAT II The application must enforce access restrictions associated with changes to
0 0
application configuration.
APSC-DV-001420 - CAT II The application must audit who makes configuration changes to the application. 0 0
APSC-DV-001430 - CAT II The application must have the capability to prevent the installation of patches,
service packs, or application components without verification the software component has been digitally 0 0
signed using a certificate that is recognized and approved by the orga
APSC-DV-001440 - CAT II The applications must limit privileges to change the software resident within
0 0
software libraries.
APSC-DV-001480 - CAT II The application must prevent program execution in accordance with
organization-defined policies regarding software program usage and restrictions, and/or rules authorizing 0 0
the terms and conditions of software program usage.
APSC-DV-001490 - CAT II The application must employ a deny-all, permit-by-exception (whitelist) policy
0 0
to allow the execution of authorized software programs.
APSC-DV-001510 - CAT II The application must be configured to use only functions, ports, and protocols
0 0
permitted to it in the PPSM CAL.
PAGE 26 OF 299
APSC-DV-001520 - CAT II The application must require users to reauthenticate when organization-defined
0 0
circumstances or situations require reauthentication.
APSC-DV-001530 - CAT II The application must require devices to reauthenticate when organization-
0 0
defined circumstances or situations requiring reauthentication.
APSC-DV-001540 - CAT I The application must uniquely identify and authenticate organizational users (or
0 0
processes acting on behalf of organizational users).
APSC-DV-001550 - CAT II The application must use multifactor (Alt. Token) authentication for network
0 0
access to privileged accounts.
APSC-DV-001560 - CAT II The application must accept Personal Identity Verification (PIV) credentials. 0 0
APSC-DV-001580 - CAT II The application must use multifactor (e.g., CAC, Alt. Token) authentication for
0 0
network access to non-privileged accounts.
APSC-DV-001590 - CAT II The application must use multifactor (Alt. Token) authentication for local access
0 0
to privileged accounts.
APSC-DV-001600 - CAT II The application must use multifactor (e.g., CAC, Alt. Token) authentication for
0 0
local access to non-privileged accounts.
APSC-DV-001610 - CAT II The application must ensure users are authenticated with an individual
0 0
authenticator prior to using a group authenticator.
APSC-DV-001620 - CAT II The application must implement replay-resistant authentication mechanisms for
0 0
network access to privileged accounts.
APSC-DV-001630 - CAT II The application must implement replay-resistant authentication mechanisms for
0 0
network access to non-privileged accounts.
APSC-DV-001640 - CAT II The application must utilize mutual authentication when endpoint device non-
0 0
repudiation protections are required by DoD policy or by the data owner.
APSC-DV-001650 - CAT II The application must authenticate all network connected endpoint devices
0 0
before establishing any connection.
APSC-DV-001670 - CAT II The application must disable device identifiers after 35 days of inactivity unless
0 0
a cryptographic certificate is used for authentication.
APSC-DV-001680 - CAT I The application must enforce a minimum 15-character password length. 0 0
APSC-DV-001690 - CAT II The application must enforce password complexity by requiring that at least one
0 0
upper-case character be used.
APSC-DV-001700 - CAT II The application must enforce password complexity by requiring that at least one
0 0
lower-case character be used.
APSC-DV-001710 - CAT II The application must enforce password complexity by requiring that at least one
0 0
numeric character be used.
APSC-DV-001720 - CAT II The application must enforce password complexity by requiring that at least one
0 0
special character be used.
APSC-DV-001730 - CAT II The application must require the change of at least 8 of the total number of
0 0
characters when passwords are changed.
APSC-DV-001740 - CAT I The application must only store cryptographic representations of passwords.* 4 1
APSC-DV-001850 - CAT I The application must not display passwords/PINs as clear text. 0 0
APSC-DV-001760 - CAT II The application must enforce 24 hours/1 day as the minimum password lifetime. 0 0
APSC-DV-001770 - CAT II The application must enforce a 60-day maximum password lifetime restriction. 0 0
APSC-DV-001780 - CAT II The application must prohibit password reuse for a minimum of five
0 0
generations.
APSC-DV-001790 - CAT II The application must allow the use of a temporary password for system logons
0 0
with an immediate change to a permanent password.
PAGE 27 OF 299
APSC-DV-001795 - CAT II The application password must not be changeable by users other than the
0 0
administrator or the user with which the password is associated.
APSC-DV-001800 - CAT II The application must terminate existing user sessions upon account deletion. 0 0
APSC-DV-001820 - CAT I The application, when using PKI-based authentication, must enforce authorized
0 0
access to the corresponding private key.
APSC-DV-001830 - CAT II The application must map the authenticated identity to the individual user or
0 0
group account for PKI-based authentication.
APSC-DV-001870 - CAT II The application must uniquely identify and authenticate non-organizational
0 0
users (or processes acting on behalf of non-organizational users).
APSC-DV-001810 - CAT I The application, when utilizing PKI-based authentication, must validate
certificates by constructing a certification path (which includes status information) to an accepted trust 0 0
anchor.
APSC-DV-001840 - CAT II The application, for PKI-based authentication, must implement a local cache of
revocation data to support path discovery and validation in case of the inability to access revocation 0 0
information via the network.
APSC-DV-001860 - CAT II The application must use mechanisms meeting the requirements of applicable
federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for authentication 0 0
to a cryptographic module.
APSC-DV-001880 - CAT II The application must accept Personal Identity Verification (PIV) credentials from
0 0
other federal agencies.
APSC-DV-001890 - CAT II The application must electronically verify Personal Identity Verification (PIV)
0 0
credentials from other federal agencies.
APSC-DV-002050 - CAT II Applications making SAML assertions must use FIPS-approved random numbers
0 0
in the generation of SessionIndex in the SAML element AuthnStatement.
APSC-DV-001930 - CAT II Applications used for non-local maintenance sessions must audit non-local
0 0
maintenance and diagnostic sessions for organization-defined auditable events.
APSC-DV-000310 - CAT III The application must have a process, feature or function that prevents removal
0 0
or disabling of emergency accounts.
APSC-DV-001940 - CAT II Applications used for non-local maintenance sessions must implement
cryptographic mechanisms to protect the integrity of non-local maintenance and diagnostic 0 0
communications.
APSC-DV-001950 - CAT II Applications used for non-local maintenance sessions must implement
cryptographic mechanisms to protect the confidentiality of non-local maintenance and diagnostic 0 0
communications.
APSC-DV-001960 - CAT II Applications used for non-local maintenance sessions must verify remote
0 0
disconnection at the termination of non-local maintenance and diagnostic sessions.
APSC-DV-001970 - CAT II The application must employ strong authenticators in the establishment of non-
0 0
local maintenance and diagnostic sessions.
APSC-DV-001980 - CAT II The application must terminate all sessions and network connections when non-
0 0
local maintenance is completed.
APSC-DV-002000 - CAT II The application must terminate all network connections associated with a
0 0
communications session at the end of the session.
APSC-DV-002020 - CAT II The application must utilize FIPS-validated cryptographic modules when signing
0 0
application components.
APSC-DV-002030 - CAT II The application must utilize FIPS-validated cryptographic modules when
0 0
generating cryptographic hashes.
PAGE 28 OF 299
APSC-DV-002040 - CAT II The application must utilize FIPS-validated cryptographic modules when
0 0
protecting unclassified information that requires cryptographic protection.
APSC-DV-002150 - CAT II The application user interface must be either physically or logically separated
0 0
from data storage and management interfaces.
APSC-DV-002210 - CAT II The application must set the HTTPOnly flag on session cookies. 0 0
APSC-DV-002220 - CAT II The application must set the secure flag on session cookies. 0 0
APSC-DV-002240 - CAT I The application must destroy the session ID value and/or cookie on logoff or
0 0
browser close.
APSC-DV-002250 - CAT II Applications must use system-generated session identifiers that protect against
0 0
session fixation.
APSC-DV-002270 - CAT II Applications must not use URL embedded session IDs. 0 0
APSC-DV-002280 - CAT II The application must not re-use or recycle session IDs. 0 0
APSC-DV-002290 - CAT II The application must use the Federal Information Processing Standard (FIPS)
140-2-validated cryptographic modules and random number generator if the application implements 0 0
encryption, key exchange, digital signature, and hash functionality.
APSC-DV-002300 - CAT II The application must only allow the use of DoD-approved certificate authorities
0 0
for verification of the establishment of protected sessions.
APSC-DV-002310 - CAT I The application must fail to a secure state if system initialization fails, shutdown
0 0
fails, or aborts fail.
APSC-DV-002320 - CAT II In the event of a system failure, applications must preserve any information
necessary to determine cause of failure and any information necessary to return to operations with least 0 0
disruption to mission processes.
APSC-DV-002330 - CAT II The application must protect the confidentiality and integrity of stored
7 7
information when required by DoD policy or the information owner.
APSC-DV-002350 - CAT II The application must use appropriate cryptography in order to protect stored
0 0
DoD information when required by the information owner or DoD policy.
APSC-DV-002360 - CAT II The application must isolate security functions from non-security functions. 0 0
APSC-DV-002370 - CAT II The application must maintain a separate execution domain for each executing
0 0
process.
APSC-DV-002380 - CAT II Applications must prevent unauthorized and unintended information transfer
0 0
via shared system resources.
APSC-DV-002390 - CAT II XML-based applications must mitigate DoS attacks by using XML filters, parser
0 0
options, or gateways.
APSC-DV-002400 - CAT II The application must restrict the ability to launch Denial of Service (DoS) attacks
19 19
against itself or other information systems.*
APSC-DV-002410 - CAT II The web service design must include redundancy mechanisms when used with
0 0
high-availability systems.
APSC-DV-002420 - CAT II An XML firewall function must be deployed to protect web services when
0 0
exposed to untrusted networks.
APSC-DV-002610 - CAT II The application must remove organization-defined software components after
0 0
updated versions have been installed.
APSC-DV-002440 - CAT I The application must protect the confidentiality and integrity of transmitted
0 0
information.
PAGE 29 OF 299
APSC-DV-002460 - CAT II The application must maintain the confidentiality and integrity of information
0 0
during preparation for transmission.
APSC-DV-002470 - CAT II The application must maintain the confidentiality and integrity of information
0 0
during reception.
APSC-DV-002480 - CAT II The application must not disclose unnecessary information to users. 1 1
APSC-DV-002485 - CAT I The application must not store sensitive information in hidden fields. 0 0
APSC-DV-002490 - CAT I The application must protect from Cross-Site Scripting (XSS) vulnerabilities. 0 0
APSC-DV-002500 - CAT II The application must protect from Cross-Site Request Forgery (CSRF)
35 10
vulnerabilities.
APSC-DV-002520 - CAT II The application must protect from canonical representation vulnerabilities. 0 0
APSC-DV-002540 - CAT I The application must not be vulnerable to SQL Injection.* 118 30
APSC-DV-002560 - CAT I The application must not be subject to input handling vulnerabilities.* 6 6
APSC-DV-002570 - CAT II The application must generate error messages that provide information
33 33
necessary for corrective actions without revealing information that could be exploited by adversaries.*
APSC-DV-002580 - CAT II The application must reveal error messages only to the ISSO, ISSM, or SA.* 0 0
APSC-DV-002630 - CAT II Security-relevant software updates and patches must be kept up to date. 0 0
APSC-DV-002760 - CAT II The application performing organization-defined security functions must verify
0 0
correct operation of security functions.
APSC-DV-002900 - CAT II The ISSO must ensure application audit trails are retained for at least 1 year for
0 0
applications without SAMI data, and 5 years for applications including SAMI data.
APSC-DV-002770 - CAT II The application must perform verification of the correct operation of security
functions: upon system startup and/or restart; upon command by a user with privileged access; and/or 0 0
every 30 days.
APSC-DV-002780 - CAT III The application must notify the ISSO and ISSM of failed security verification
0 0
tests.
APSC-DV-002870 - CAT II Unsigned Category 1A mobile code must not be used in the application in
0 0
accordance with DoD policy.
APSC-DV-002880 - CAT II The ISSO must ensure an account management process is implemented,
verifying only authorized users can gain access to the application, and individual accounts designated as 0 0
inactive, suspended, or terminated are promptly removed.
APSC-DV-002890 - CAT I Application web servers must be on a separate network segment from the
0 0
application and database servers if it is a tiered application operating in the DoD DMZ.
APSC-DV-002910 - CAT II The ISSO must review audit trails periodically based on system documentation
0 0
recommendations or immediately upon system security events.
APSC-DV-002920 - CAT II The ISSO must report all suspected violations of IA policies in accordance with
0 0
DoD information system IA procedures.
APSC-DV-002930 - CAT II The ISSO must ensure active vulnerability testing is performed. 0 0
APSC-DV-002980 - CAT II New IP addresses, data services, and associated ports used by the application
must be submitted to the appropriate approving authority for the organization, which in turn will be 0 0
submitted through the DoD Ports, Protocols, and Services Management (DoD PPS
APSC-DV-002950 - CAT II Execution flow diagrams and design documents must be created to show how
0 0
deadlock and recursion issues in web services are being mitigated.
APSC-DV-002960 - CAT II The designer must ensure the application does not store configuration and
0 0
control files in the same directory as user data.
APSC-DV-002970 - CAT II The ISSO must ensure if a DoD STIG or NSA guide is not available, a third-party 0 0
PAGE 30 OF 299
product will be configured by following available guidance.
APSC-DV-002990 - CAT II The application must be registered with the DoD Ports and Protocols Database. 0 0
APSC-DV-002995 - CAT II The Configuration Management (CM) repository must be properly patched and
0 0
STIG compliant.
APSC-DV-003000 - CAT II Access privileges to the Configuration Management (CM) repository must be
0 0
reviewed every three months.
APSC-DV-003010 - CAT II A Software Configuration Management (SCM) plan describing the configuration
control and change management process of application objects developed by the organization and the 0 0
roles and responsibilities of the organization must be created and maintained.
APSC-DV-003020 - CAT II A Configuration Control Board (CCB) that meets at least every release cycle, for
0 0
managing the Configuration Management (CM) process must be established.
APSC-DV-003030 - CAT II The application services and interfaces must be compatible with and ready for
0 0
IPv6 networks.
APSC-DV-003040 - CAT II The application must not be hosted on a general purpose machine if the
0 0
application is designated as critical or high availability by the ISSO.
APSC-DV-003050 - CAT II A disaster recovery/continuity plan must exist in accordance with DoD policy
0 0
based on the applications availability requirements.
APSC-DV-003060 - CAT II Recovery procedures and technical system features must exist so recovery is
performed in a secure and verifiable manner. The ISSO will document circumstances inhibiting a trusted 0 0
recovery.
APSC-DV-003070 - CAT II Data backup must be performed at required intervals in accordance with DoD
0 0
policy.
APSC-DV-003080 - CAT II Back-up copies of the application software or source code must be stored in a
0 0
fire-rated container or stored separately (offsite).
APSC-DV-003090 - CAT II Procedures must be in place to assure the appropriate physical and technical
0 0
protection of the backup and restoration of the application.
APSC-DV-003100 - CAT II The application must use encryption to implement key exchange and
0 0
authenticate endpoints prior to establishing a communication channel for key exchange.
APSC-DV-003110 - CAT I The application must not contain embedded authentication data. 0 0
APSC-DV-003120 - CAT I The application must have the capability to mark sensitive/classified output
0 0
when required.
APSC-DV-003130 - CAT III Prior to each release of the application, updates to system, or applying patches;
0 0
tests plans and procedures must be created and executed.
APSC-DV-003150 - CAT II At least one tester must be designated to test for security flaws in addition to
0 0
functional testing.
APSC-DV-003140 - CAT II Application files must be cryptographically hashed prior to deploying to DoD
0 0
operational networks.
APSC-DV-003160 - CAT III Test procedures must be created and at least annually executed to ensure
0 0
system initialization, shutdown, and aborts are configured to verify the system remains in a secure state.
APSC-DV-003180 - CAT III Code coverage statistics must be maintained for each release of the
0 0
application.
APSC-DV-003190 - CAT II Flaws found during a code review must be tracked in a defect tracking system. 0 0
APSC-DV-003200 - CAT II The changes to the application must be assessed for IA and accreditation
0 0
impact prior to implementation.
APSC-DV-003210 - CAT II Security flaws must be fixed or addressed in the project plan. 0 0
APSC-DV-003215 - CAT III The application development team must follow a set of coding standards. 0 0
APSC-DV-003220 - CAT III The designer must create and update the Design Document for each release of
0 0
the application.
APSC-DV-003230 - CAT II Threat models must be documented and reviewed for each application release 0 0
PAGE 31 OF 299
and updated as required by design and functionality changes or when new threats are discovered.
APSC-DV-003235 - CAT II The application must not be subject to error handling vulnerabilities.* 0 0
APSC-DV-003236 - CAT II The application development team must provide an application incident
0 0
response plan.
APSC-DV-003240 - CAT I All products must be supported by the vendor or the development team. 0 0
APSC-DV-003260 - CAT III Procedures must be in place to notify users when an application is
0 0
decommissioned.
APSC-DV-003330 - CAT II The system must alert an administrator when low resource conditions are
0 0
encountered.
APSC-DV-003285 - CAT II An Application Configuration Guide must be created and included with the
0 0
application.
APSC-DV-003290 - CAT II If the application contains classified data, a Security Classification Guide must
0 0
exist containing data elements and their classification.
APSC-DV-003300 - CAT II The designer must ensure uncategorized or emerging mobile code is not used
0 0
in applications.
APSC-DV-003310 - CAT II Production database exports must have database administration credentials and
0 0
sensitive data removed before releasing the export.
APSC-DV-003340 - CAT III At least one application administrator must be registered to receive update
0 0
notifications, or security alerts, when automated alerts are available.
APSC-DV-003360 - CAT III The application must generate audit records when concurrent logons from
0 0
different workstations occur.
APSC-DV-003345 - CAT III The application must provide notifications or alerts when product update and
0 0
security related patches are available.
APSC-DV-003350 - CAT II Connections between the DoD enclave and the Internet or other public or
0 0
commercial wide area networks must require a DMZ.
APSC-DV-003400 - CAT II The Program Manager must verify all levels of program management, designers,
0 0
developers, and testers receive annual security training pertaining to their job function.
APSC-DV-000010 - CAT II The application must provide a capability to limit the number of logon sessions
0 0
per user.
APSC-DV-000060 - CAT II The application must clear temporary storage and cookies when the session is
0 0
terminated.
APSC-DV-000070 - CAT II The application must automatically terminate the non-privileged user session
0 0
and log off non-privileged users after a 15 minute idle time period has elapsed.
APSC-DV-000080 - CAT II The application must automatically terminate the admin user session and log off
0 0
admin users after a 10 minute idle time period is exceeded.
APSC-DV-000090 - CAT II Applications requiring user access authentication must provide a logoff
0 0
capability for user initiated communication session.
APSC-DV-000100 - CAT III The application must display an explicit logoff message to users indicating the
0 0
reliable termination of authenticated communications sessions.
APSC-DV-000110 - CAT II The application must associate organization-defined types of security attributes
0 0
having organization-defined security attribute values with information in storage.
APSC-DV-000120 - CAT II The application must associate organization-defined types of security attributes
0 0
having organization-defined security attribute values with information in process.
APSC-DV-000130 - CAT II The application must associate organization-defined types of security attributes
0 0
having organization-defined security attribute values with information in transmission.
PAGE 32 OF 299
APSC-DV-000160 - CAT II The application must implement DoD-approved encryption to protect the
0 0
confidentiality of remote access sessions.
APSC-DV-000170 - CAT II The application must implement cryptographic mechanisms to protect the
0 0
integrity of remote access sessions.
APSC-DV-000190 - CAT I Messages protected with WS_Security must use time stamps with creation and
0 0
expiration times.
APSC-DV-000180 - CAT II Applications with SOAP messages requiring integrity must include the following
message elements:-Message ID-Service Request-Timestamp-SAML Assertion (optionally included in 0 0
messages) and all elements of the message must be digitally signed.
APSC-DV-000200 - CAT I Validity periods must be verified on all application messages using WS-Security
0 0
or SAML assertions.
APSC-DV-000210 - CAT II The application must ensure each unique asserting party provides unique
0 0
assertion ID references for each SAML assertion.
APSC-DV-000220 - CAT II The application must ensure encrypted assertions, or equivalent confidentiality
protections are used when assertion data is passed through an intermediary, and confidentiality of the 0 0
assertion data is required when passing through the intermediary.
APSC-DV-000230 - CAT I The application must use the NotOnOrAfter condition when using the
0 0
SubjectConfirmation element in a SAML assertion.
APSC-DV-000240 - CAT I The application must use both the NotBefore and NotOnOrAfter elements or
0 0
OneTimeUse element when using the Conditions element in a SAML assertion.
APSC-DV-000250 - CAT II The application must ensure if a OneTimeUse element is used in an assertion,
0 0
there is only one of the same used in the Conditions element portion of an assertion.
APSC-DV-000260 - CAT II The application must ensure messages are encrypted when the SessionIndex is
0 0
tied to privacy data.
APSC-DV-000290 - CAT II Shared/group account credentials must be terminated when members leave the
0 0
group.
APSC-DV-000280 - CAT II The application must provide automated mechanisms for supporting account
0 0
management functions.
APSC-DV-000300 - CAT II The application must automatically remove or disable temporary user accounts
0 0
72 hours after account creation.
APSC-DV-000320 - CAT III The application must automatically disable accounts after a 35 day period of
0 0
account inactivity.
APSC-DV-000420 - CAT II The application must automatically audit account enabling actions. 0 0
APSC-DV-000360 - CAT II The application must automatically audit account disabling actions. 0 0
APSC-DV-000370 - CAT II The application must automatically audit account removal actions. 0 0
APSC-DV-000380 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers when accounts are created.
APSC-DV-000390 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers when accounts are modified.
APSC-DV-000400 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers of account disabling actions.
APSC-DV-000410 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers of account removal actions.
APSC-DV-000430 - CAT III The application must notify System Administrators and Information System
0 0
Security Officers of account enabling actions.
APSC-DV-000440 - CAT II Application data protection requirements must be identified and documented. 0 0
APSC-DV-000520 - CAT II The application must audit the execution of privileged functions. 0 0
PAGE 33 OF 299
APSC-DV-000450 - CAT II The application must utilize organization-defined data mining detection
0 0
techniques for organization-defined data storage objects to adequately detect data mining attempts.
APSC-DV-000460 - CAT I The application must enforce approved authorizations for logical access to
0 0
information and system resources in accordance with applicable access control policies.*
APSC-DV-000470 - CAT II The application must enforce organization-defined discretionary access control
14 2
policies over defined subjects and objects.*
APSC-DV-000480 - CAT II The application must enforce approved authorizations for controlling the flow
0 0
of information within the system based on organization-defined information flow control policies.
APSC-DV-000490 - CAT II The application must enforce approved authorizations for controlling the flow
of information between interconnected systems based on organization-defined information flow control 0 0
policies.
APSC-DV-000500 - CAT II The application must prevent non-privileged users from executing privileged
functions to include disabling, circumventing, or altering implemented security 0 0
safeguards/countermeasures.
APSC-DV-000510 - CAT I The application must execute without excessive account permissions. 0 0
APSC-DV-000530 - CAT I The application must enforce the limit of three consecutive invalid logon
0 0
attempts by a user during a 15 minute time period.
APSC-DV-000560 - CAT III The application must retain the Standard Mandatory DoD Notice and Consent
Banner on the screen until users acknowledge the usage conditions and take explicit actions to log on for 0 0
further access.
APSC-DV-000540 - CAT II The application administrator must follow an approved process to unlock locked
0 0
user accounts.
APSC-DV-000550 - CAT III The application must display the Standard Mandatory DoD Notice and Consent
0 0
Banner before granting access to the application.
APSC-DV-000570 - CAT III The publicly accessible application must display the Standard Mandatory DoD
0 0
Notice and Consent Banner before granting access to the application.
APSC-DV-000580 - CAT III The application must display the time and date of the users last successful
0 0
logon.
APSC-DV-000630 - CAT II The application must provide audit record generation capability for the
0 0
destruction of session IDs.
APSC-DV-000590 - CAT II The application must protect against an individual (or process acting on behalf
of an individual) falsely denying having performed organization-defined actions to be covered by non- 0 0
repudiation.
APSC-DV-000600 - CAT II For applications providing audit record aggregation, the application must
compile audit records from organization-defined information system components into a system-wide 0 0
audit trail that is time-correlated with an organization-defined level of tolerance
APSC-DV-000610 - CAT II The application must provide the capability for organization-identified
individuals or roles to change the auditing to be performed on all application components, based on all 0 0
selectable event criteria within organization-defined time thresholds.
APSC-DV-000620 - CAT II The application must provide audit record generation capability for the creation
0 0
of session IDs.
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 34 OF 299
Scan Summary - OWASP Top 10 API
API2-Broken Authentication* 0 0
API6-Mass Assignment 0 0
API7-Security Misconfiguration* 0 0
API8-Injection* 118 30
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 35 OF 299
Scan Summary - OWASP Top 10 2010
A6-Security Misconfiguration 0 0
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 36 OF 299
Scan Summary - MOIS(KISA) Secure Coding 2021
MOIS(KISA) Encapsulation* 0 0
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 37 OF 299
Scan Summary - SANS top 25
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 38 OF 299
Scan Summary - CWE top 25
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 39 OF 299
Scan Summary - Top Tier
PAGE 40 OF 299
Scan Summary - OWASP ASVS
V02 Authentication* 4 1
V09 Communication* 1 1
V14 Configuration* 36 36
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 41 OF 299
Scan Summary - ASA Mobile Premium
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 42 OF 299
Scan Summary - ASA Premium
* Project scan results do not include all relevant queries. Presets and\or Filters should be changed to include all relevant standard queries.
PAGE 43 OF 299
Results Distribution By Status First scan of the project
Recurrent Issues 0 0 0 0 0
Fixed Issues 0 0 0 0 0
New Scan
Previous Scan
Result Summary
Vulnerability Type Occurrences Severity
SQL Injection 59 High
CSRF 35 Medium
DB Parameter Tampering 14 Medium
Parameter Tampering 6 Medium
PAGE 44 OF 299
Frameable Login Page 1 Medium
Missing HSTS Header 1 Medium
Blind SQL Injections 59 Low
Information Exposure Through an Error Message 33 Low
Improper Resource Access Authorization 20 Low
Improper Resource Shutdown or Release 19 Low
Heap Inspection 7 Low
Insufficiently Protected Credentials 4 Low
Log Forging 3 Low
Information Exposure Through an Error Message 1 Low
JSON Hijacking 1 Low
Missing CSP Header 1 Low
Potentially Vulnerable To Csrf 1 Low
Use of Deprecated or Obsolete Functions 1 Low
Use Of HTTP Sensitive Data Exposure 1 Low
Insufficient Logging of Database Actions 12 Information
Insufficient Logging of Exceptions 1 Information
PAGE 45 OF 299
Scanned Files
File Size
File Name Checksum
KB
e3b0c44298fc1c149afbf4c8996fb92427ae4
.ActiveScans/1011402 0
1e4649b934ca495991b7852b855
.SourceControl/0000000057_0- e3b0c44298fc1c149afbf4c8996fb92427ae4
0
2035474192_000923869015 1e4649b934ca495991b7852b855
6771aa6938dec973ef4c961912cc869e4638
Billing.java 10
591a98de2a6578174092bec9eff8
c2da06291b20e82f756fd257cf2ca98d0b25
BillingDel.java 3
1d9af25d20c756419e814476ebbd
82a509520228d771ed9939beee64cd07b8c
BillingView.java 5
26a1f855aa1c00c9be999df6071ac
1074749db12d0da2fea8f5c534e6b92f5953
build.xml 1
8f597d9f338be9d67f0f980e16c8
7f4cb2d260c474e842f88b82a21572d63656
Customer.java 7
5e23eea2f086c5321dd932c783e0
b72f2e29f3d455f082e2a7501afa22ed951b
CustomerDel.java 3
342d63a77f1af8f03dc52f2b897b
f7b1b6b74dd96d99bf4d961fe2f8e458dcdf
CustomerView.java 5
a51f0940dd2284b7dc22f574b382
51fa84bc0dcd05298c5b54a8b8f7170d9f1e
InterNal.java 14
20439d40031ce67dbd2ac03854b8
90cc0a801f9a87bcb7a9551a076db9d3e56
Inventory.java 6
9d804f28c3c93cbac55f09da3461d
f358475516cebe4266616b9a6405919bf37f
InventoryDel.java 3
6140406fcfea6ff0ac62a5a9e7d4
e7ecffc42c611e671eb9f8cf3183c13298204
InventoryView.java 5
9de93490e7ddf885ba4c10c7cc8
55d4ff8e0dac261539a86d7720def8577357
JobCard.java 6
5b97dd80919cea169a4ecec9353c
59fdb1783f9707e92cc1371ef12329789edd
JobCardDel.java 3
05da5030619a9f0fe9bceab7d2fa
5b797190fadb1e0a36666fb74d5cdf528f00
JobCardView.java 5
6db8a5d94e64b521965ca8952f92
38d47cd226014b662d1c5b881f28e0450e6
Login.java 5
21fb4f1032f53094d2b556883f5c6
39f805958025a59510f713908e8326c3203b
LoginAdd.java 5
7e5b412469ab9bc99831b94b10a3
8ec9a7b58d792abcec9a7ada391424aaabfa
LoginDel.java 3
cc1ee47192821a027f2aea3a92f1
92cda33197d828b38fbdee5828af338d460
package.json 1
af08894e8f953b7d24829f588ff35
bb6c3360470027f7f61eebc4c44471f1452df
SplashScreen.java 3
127f1d598ff136a805ca964d041
terraform-examples- 1 bf901993535e776d39bf73684b0bd7f7807a
PAGE 46 OF 299
master/aws/aws_lambda_api/example- 54f22894b00e5f0c1afa69829a1a
project/package.json
terraform-examples-
f5ca14cab96e9b53906d49dc45ae5b15cdf5
master/aws/aws_lambda_api/example- 1
830beee2f2ce35000832809e0094
project/src/index.ts
terraform-examples-
a7e27b0de045457438e695a360bee617e9e
master/aws/aws_lambda_api/example- 1
9db0f85c91e54d9c7451e78c3e1eb
project/src/types.d.ts
terraform-examples-
1977fcb6549b48b947bdd3c6a3a501cfdce3
master/aws/aws_lambda_api/example- 1
86db9f82a7d045a45e74fedb5f68
project/tsconfig.json
terraform-examples- d164e2457a5b0eea3c83289fffffeeb91378a
4
master/aws/aws_reverse_proxy/lambda.tpl.js 04e7c3d88c9e267fc0d78a4c2e7
terraform-examples- 1eb85fc97224598dad1852b5d6483bbcf0a
12
master/aws/aws_vpc_msk/LICENSE a8608790dcc657a5a2a761ae9c8c6
terraform-examples-
a54e84937c86bb730ef39745c4fab2688873
master/azure/azure_linux_docker_app_service/examp 1
ed44f9a091287b9f08cde5386826
le-app/Dockerfile
terraform-examples-
6f9a763d45e1565dca540b5fa773b246fa0a
master/azure/azure_linux_docker_app_service/examp 2
65b03fdbf1b7402e2007b1bcde47
le-app/index.js
terraform-examples-
7ece3c84a95e9930463084a6d65aedf72524
master/azure/azure_linux_docker_app_service/examp 1
65b3407b2a700ecdc6871929fe3b
le-app/package.json
terraform-examples-
1d5a227cea59103b2b71ddf3adc826e4e58
master/azure/azure_linux_docker_app_service/examp 4
01cdb02ea601c804bdb3cbb4caddd
le-app/package-lock.json
terraform-examples-
427de8c095da9328c58785f922e453c07c83
master/google_cloud/CQRS_bigquery_memorystore/ 1
299693c981aa9f51337ebd4695c1
bigquery/schemas/control.template.schema.json
terraform-examples-
7f1478f824b24132e3f6e35b37915dfa46dd
master/google_cloud/CQRS_bigquery_memorystore/ 1
272f2bfd5ad517d1623f8389928f
bigquery/schemas/prober.schema.json
terraform-examples-
bef1bf47c3ab5ad643a6caec3ca1b5335a0b
master/google_cloud/CQRS_bigquery_memorystore/ 1
6ab94770852be08d38d29d29b6a7
bigquery/schemas/report.schema.json
terraform-examples-
5f72555b88779484b21a7f1aac648688c838
master/google_cloud/CQRS_bigquery_memorystore/ 1
784a3f401e22bda3125b01964ad3
bigquery/schemas/vendor1.schema.json
terraform-examples-
a8137c8c1625bea27774a4549c6e0fd408d3
master/google_cloud/CQRS_bigquery_memorystore/ 1
f640d26b464d6ad58e9f6c1c1807
bigquery/sql/control_range_view.sql
terraform-examples-
3f928ac56d28abe67ff8db21755dd661493d
master/google_cloud/CQRS_bigquery_memorystore/ 1
e97f9a1346206f3e2afd73ae58a1
bigquery/sql/daily_adjusted_totals.sql
terraform-examples-
571b6cfd48a17b530d79bbd8b7a9504f716f
master/google_cloud/CQRS_bigquery_memorystore/ 1
193d745f96a81d2c890892189756
bigquery/sql/last_n_days_totals.sql
terraform-examples-
ef8e01f3d69fd5d2bd8ef945d856db7f019b
master/google_cloud/CQRS_bigquery_memorystore/ 1
03f47afcdf43f4c126aa2f985327
bigquery/sql/unified_values.sql
PAGE 47 OF 299
terraform-examples-
4b956f846a7d8c7325168233d34ee417930
master/google_cloud/CQRS_bigquery_memorystore/ 1
25347cdac6fd63db454cd55616614
bigquery/sql/vendor1_cleanup.sql
terraform-examples-
master/google_cloud/CQRS_bigquery_memorystore/ 707ff72c573ba9c87d8ecf0feedf7f8d54687
1
bigquery/udf/CUSTOM_JSON_EXTRACT_ARRAY_FLO 8f7f7af0ee8609fb5bacdd92588
AT.sql
terraform-examples-
98eaa0d9b242c9415b951dc92d981f62d52
master/google_cloud/CQRS_bigquery_memorystore/ 4
e276918c96825c3249525a536c6db
bigquery/udf/jsonpath-0.8.0.js
terraform-examples-
aa4279cb6bee4ef3c0cad1d2490857614fe1
master/google_cloud/CQRS_bigquery_memorystore/ 3
2f19dece6f6ba180640caabcb2ce
functions/src/materialize/index.js
terraform-examples-
008a8a1e117d0a27a3fc463d22e689f1cfd0
master/google_cloud/CQRS_bigquery_memorystore/ 1
c5f56bef9ef208b4b05307a08d5d
functions/src/materialize/package.json
terraform-examples-
95ae32d3b544faf8b3510da28b37cddc9acd
master/google_cloud/CQRS_bigquery_memorystore/ 2
f50b8fb18f8550bf344323b99e74
functions/src/memorystoreload/index.js
terraform-examples-
77bd4ac78ff4428e9c2190320b5040b81179
master/google_cloud/CQRS_bigquery_memorystore/ 1
11c3b2b402dd2ec083d874c102bb
functions/src/memorystoreload/package.json
terraform-examples-
658e7de7741496c3e097a84f4b4fb1d0d75f
master/google_cloud/CQRS_bigquery_memorystore/ 2
2b5dc660786ccb84b0224831d041
functions/src/probe/index.js
terraform-examples-
646121608bd4f6621cb02eb130901454348
master/google_cloud/CQRS_bigquery_memorystore/ 1
21c58aae6224ed5b8257fbbecb2d2
functions/src/probe/package.json
terraform-examples-
a0bb7ea153457a59d28dc4506e67b2646de
master/google_cloud/CQRS_bigquery_memorystore/ 4
24d5310550e9f1db0b3e1efc5c1ed
functions/src/test/index.js
terraform-examples-
1c0ca337cab898a538ebb4f2e8ce009e7582
master/google_cloud/CQRS_bigquery_memorystore/ 1
9b0d28714aafed7da689a2fa4717
functions/src/test/package.json
terraform-examples-
3c10ff76e9d2bb49b8255a7f730f8189442e
master/google_cloud/openresty- 1
74bf714cb5b1ec13763152daef47
beyondcorp/docker-compose.yaml
terraform-examples-
19d73696268e8502693cfed9cb1445b1b32
master/google_cloud/openresty- 19
58d8d1dd5715bf2bf7e9b9eaba70f
beyondcorp/files/default.template.conf
f1fb255d4cfda55ca2f69d392392e3ae8b50
terraform-examples-master/LICENSE 2
112a603507803a0b8ae534039e4d
30fd85f8ab111f6d7cafa3c6a8634c3876b8c
terraform-examples-master/package.json 1
1f707b7766f8303c5f3931feb27
9853dbd461c386efcf21dec4e559bffcec839
terraform-examples-master/package-lock.json 4
ff762054aaa86a2b143e2721ee3
terraform-examples- 8497b932120094bc3d199fce38758344603
4
master/repotools/generate_readme.js 7ab6e42aae696f92e224a571706f7
7cbcc8f003c7ce8f7096013f8ba3d028489e6
Vendor.java 6
a958c465dffa232c301caca0d5d
VendorDel.java 3 98bfb2e8efc738a6fb971eeffb240a9a59c43
PAGE 48 OF 299
3fbf021da74a95c579b760c0f51
483091d7c814ead6beff34e8729ad991624e
VendorView.java 4
0516238e64b8dddcee055f322760
Scanned Queries
Query Name Issues Found
Blind SQL Injections 59
SQL Injection 59
CSRF 35
Information Exposure Through an Error Message 33
Improper Resource Access Authorization 20
Improper Resource Shutdown or Release 19
DB Parameter Tampering 14
Insufficient Logging of Database Actions 12
Heap Inspection 7
Parameter Tampering 6
Insufficiently Protected Credentials 4
Insufficient Logging of Exceptions 1
Missing CSP Header 1
Potentially Vulnerable To Csrf 1
Use of Deprecated or Obsolete Functions 1
Use Of HTTP Sensitive Data Exposure 1
Absolute Path Traversal 0
Akka Debug Loglevel Enabled 0
Akka Disabling Hostname Verification 0
Akka Encrypt Data Disabled 0
Akka Missing Max Age 0
Akka Serialize Enabled 0
Akka Untrusted Mode Enabled 0
Akka Verbose Mode Enabled 0
Angular Client DOM XSS 0
Angular Client Stored DOM XSS 0
Angular Deprecated API 0
Angular Improper Type Pipe Usage 0
Angular Usage of Unsafe DOM Sanitizer 0
AngularJS SCE Disabled 0
Authorization Bypass Through User Controlled SQL PrimaryKey 0
Avoid the Use of FinalizationRegistry 0
Avoid the Use of WeakRef 0
AWS Credentials Leak 0
CGI Reflected XSS All Clients 0
CGI Stored XSS 0
Channel Accessible by NonEndpoint 0
Citrus Developer Mode Enabled 0
Cleansing Canonicalization and Comparison Errors 0
Cleartext Storage Of Sensitive Information 0
Cleartext Submission of Sensitive Information 0
Client Cookies Inspection 0
PAGE 49 OF 299
Client Cross Frame Scripting Attack 0
Client Cross Session Contamination 0
Client CSS Injection 0
Client DB Parameter Tampering 0
Client DOM Code Injection 0
Client DOM Cookie Poisoning 0
Client DOM CSRF 0
Client DOM Open Redirect 0
Client DOM Stored Code Injection 0
Client DOM Stored XSS 0
Client DOM XSS 0
Client DoS By Sleep 0
Client Dynamic File Inclusion 0
Client Empty Password 0
Client Hardcoded Domain 0
Client Header Manipulation 0
Client Heuristic Poor XSS Validation 0
Client HTML5 Easy To Guess Database Name 0
Client HTML5 Heuristic Session Insecure Storage 0
Client HTML5 Information Exposure 0
Client HTML5 Insecure Storage 0
Client HTML5 Store Sensitive data In Web Storage 0
Client Insecure Randomness 0
Client Insufficient Key Size 0
Client JQuery Deprecated Symbols 0
Client Located JQuery Outdated Lib File 0
Client Manual CSRF Token Handling 0
Client Manual XHR Handling 0
Client Negative Content Length 0
Client Null Password 0
Client Overly Permissive Message Posting 0
Client Password In Comment 0
Client Password Weak Encryption 0
Client Path Manipulation 0
Client Potential Ad Hoc Ajax 0
Client Potential Code Injection 0
Client Potential DOM Open Redirect 0
Client Potential ReDoS In Match 0
Client Potential ReDoS In Replace 0
Client Potential XSS 0
Client Privacy Violation 0
Client ReDoS From Regex Injection 0
Client ReDoS In Match 0
Client ReDos In RegExp 0
Client ReDoS In Replace 0
Client Reflected File Download 0
Client Regex Injection 0
Client Remote File Inclusion 0
PAGE 50 OF 299
Client Resource Injection 0
Client Sandbox Allows Scripts With Same Origin 0
Client Second Order Sql Injection 0
Client Server Empty Password 0
Client SQL Injection 0
Client State Saving Method JSF 0
Client Untrusted Activex 0
Client Use Of Deprecated SQL Database 0
Client Use Of Iframe Without Sandbox 0
Client Use Of JQuery Deprecated Version 0
Client Weak Cryptographic Hash 0
Client Weak Encryption 0
Client Weak Password Authentication 0
Client XPATH Injection 0
Clipboard Information Leakage 0
Code Injection 0
Collapse of Data into Unsafe Value 0
Command Argument Injection 0
Command Injection 0
Connection String Injection 0
Cookie Overly Broad Path 0
Cookie Poisoning 0
Cordova Code Injection 0
Cordova File Disclosure 0
Cordova File Manipulation 0
Cordova Insufficient Domain Whitelist 0
Cordova Missing Content Security Policy 0
Cordova Open Redirect 0
Cordova Permissive Content Security Policy 0
Cordova Privacy Violation 0
Creation of Temp File in Dir with Incorrect Permissions 0
Creation of Temp File With Insecure Permissions 0
Cross Site History Manipulation 0
CSV Injection 0
Dangerous File Inclusion 0
Dangling Database Cursor 0
Data Leak Between Sessions 0
DB Control of System or Config Setting 0
Declaration of Multiple Vue Components per File 0
Declaration of Vue Component Data as Property 0
Default Definer Rights in Method Definition 0
Default Definer Rights in Package or Object Definition 0
Deprecated API 0
Deserialization of Untrusted Data 0
Deserialization of Untrusted Data in JMS 0
Direct Use of Unsafe JNI 0
Divide By Zero 0
DoS by Sleep 0
PAGE 51 OF 299
DoS By Sleep 0
Download of Code Without Integrity Check 0
Dynamic Set Of Null SecurityManager 0
DynamoDB NoSQL Injection 0
Empty Password In Connection String 0
ESAPI Same Password Repeats Twice 0
Escape False 0
Excessive Data Exposure 0
Exposure of System Data 0
Expression Language Injection EL 0
Expression Language Injection MVEL 0
Expression Language Injection OGNL 0
Expression Language Injection SPEL 0
External Control of Critical State Data 0
External Control of System or Config Setting 0
External XML Entities XXE 0
File Permissions World Readable 0
Frameable Login Page 0
GWT DOM XSS 0
GWT Reflected XSS 0
Hardcoded Absolute Path 0
Hardcoded AWS Credentials 0
Hardcoded password in Connection String 0
Heuristic 2nd Order SQL Injection 0
Heuristic CGI Stored XSS 0
Heuristic CSRF 0
Heuristic DB Parameter Tampering 0
Heuristic Parameter Tampering 0
Heuristic SQL Injection 0
Heuristic Stored XSS 0
HTTP Response Splitting 0
HttpOnlyCookies 0
HttpOnlyCookies In Config 0
Improper Build Of Sql Mapping 0
Improper Exception Handling 0
Improper Locking 0
Improper Privilege Management 0
Improper Resource Locking 0
Improper Restriction of Stored XXE Ref 0
Improper Restriction of XXE Ref 0
Improper Session Management 0
Improper Transaction Handling 0
Inadequate Encryption Strength 0
Inconsistent Component Top Level Elements Ordering 0
Inconsistent use of Directive Shorthands 0
Incorrect Permission Assignment For Critical Resources 0
Information Exposure Through Debug Log 0
Information Exposure Through Directory Listing 0
PAGE 52 OF 299
Information Exposure Through Log Files 0
Information Exposure Through Query String 0
Information Exposure Through Query Strings 0
Information Exposure Through Server Log 0
Information Leak Through Comments 0
Information Leak Through Persistent Cookies 0
Information Leak Through Shell Error Message 0
Input Path Not Canonicalized 0
Insecure Direct Object References 0
Insecure Storage of Sensitive Data 0
Insecure Text Entry 0
Insecure Value of the SameSite Cookie Attribute in Code 0
Insufficient Session Expiration 0
Insufficient Transport Layer Security 0
Integer Overflow 0
Integer Underflow 0
Jelly Injection 0
Jelly XSS 0
JSF CSRF 0
JSF Local File Inclusion 0
JSF Managed Bean PII Leak 0
JSON Hijacking 0
Just One of Equals and Hash code Defined 0
JWT Excessive Expiration Time 0
JWT Lack Of Expiration Time 0
JWT No Expiration Time Validation 0
JWT No NotBefore Validation 0
JWT No Signature Verification 0
JWT Sensitive Information Exposure 0
JWT Use Of Hardcoded Secret 0
JWT Use Of None Algorithm 0
Kony Code Injection 0
Kony Deprecated Functions 0
Kony Hardcoded EncryptionKey 0
Kony Information Leakage 0
Kony Path Injection 0
Kony Reflected XSS 0
Kony Second Order SQL Injection 0
Kony SQL Injection 0
Kony Stored Code Injection 0
Kony Stored XSS 0
Kony Unsecure Browser Configuration 0
Kony Unsecure iOSBrowser Configuration 0
Kony URL Injection 0
Kony Use WeakEncryption 0
Kony Use WeakHash 0
LDAP Injection 0
Leaving Temporary File 0
PAGE 53 OF 299
Lightning Aura Attribute With Object Type 0
Lightning Component Bad Naming 0
Lightning Data Retrieval Without Wire Decorator 0
Lightning DOM XSS 0
Lightning Dynamic Href In Anchor Tag 0
Lightning Stored XSS 0
Lightning Use of Aura Component 0
Lightning Use of LWC Event Bubbling 0
Lightning Use of Same Controller Method In Different Components 0
Log Forging 0
Logic Time Bomb 0
Missing Content Security Policy 0
Missing Encryption of Sensitive Data 0
Missing HSTS Header 0
Missing Password Field Masking 0
Missing Root Or Jailbreak Check 0
Missing Secure Flag 0
Missing X Frame Options 0
Mongo NoSQL Injection 0
MongoDB NoSQL Injection 0
Multiple Binds to the Same Port 0
Not Using a Random IV 0
Not Using a Random IV with CBC Mode 0
Null Password 0
Object Hijack 0
Off by One Error 0
Open Redirect 0
Overly Permissive Cross Origin Resource Sharing Policy 0
Parse Double DoS 0
Password In Comment 0
Password Weak Encryption 0
Permission Manipulation in S3 0
Permissive Content Security Policy 0
Plaintext Storage in a Cookie 0
Plaintext Storage of a Password 0
Poor Database Access Control 0
Portability Flaw In File Separator 0
Portability Flaw Locale Dependent Comparison 0
Potential Clickjacking on Legacy Browsers 0
Potential Code Injection 0
Potential Command Injection 0
Potential Connection String Injection 0
Potential GWT Reflected XSS 0
Potential Hardcoded password in Connection String 0
Potential I Reflected XSS All Clients 0
Potential IO Reflected XSS All Clients 0
Potential LDAP Injection 0
Potential O Reflected XSS All Clients 0
PAGE 54 OF 299
Potential Parameter Tampering 0
Potential ReDoS 0
Potential ReDoS By Injection 0
Potential ReDoS In Match 0
Potential ReDoS In Replace 0
Potential ReDoS In Static Field 0
Potential Resource Injection 0
Potential SpringShell 0
Potential SQL Injection 0
Potential Stored XSS 0
Potential Usage of Vulnerable Log4J 0
Potential Use of Hard coded Cryptographic Key 0
Potential UTF7 XSS 0
Potential XPath Injection 0
Potential XXE Injection 0
Privacy Violation 0
Private Array Returned From A Public Method 0
Process Control 0
Prototype Pollution 0
Public Data Assigned to Private Array 0
Public Static Final References Mutable Object 0
Race Condition 0
Race Condition Concurrent Instances 0
Race Condition Format Flaw 0
Race Condition Global Scope 0
Reachable Assertion 0
React Deprecated 0
React Multiple Classes With Same Name 0
ReDoS From Regex Injection 0
ReDoS In Match 0
ReDoS In Pattern 0
ReDOS in RegExp 0
ReDoS In Replace 0
Reflected Environment Injection 0
Reflected XSS 0
Reflected XSS All Clients 0
Relative Path Traversal 0
Reliance on Cookies in a Decision 0
Reliance on Cookies without Validation 0
Reliance on DNS Lookups in a Decision 0
Resource Injection 0
Reversible One Way Hash 0
Same Seed in PRNG 0
SAPUI5 Custom OData Model 0
SAPUI5 Deprecated Symbols 0
SAPUI5 Hardcoded UserId In Comments 0
SAPUI5 OData Call Without Batch Mode 0
SAPUI5 Potential Malicious File Upload 0
PAGE 55 OF 299
SAPUI5 Use Of Hardcoded URL 0
Second Order SQL Injection 0
Security Misconfiguration 0
Sensitive Cookie in HTTPS Session Without Secure Attribute 0
Sensitive Information Over HTTP 0
Serializable Class Containing Sensitive Data 0
Server DoS by loop 0
Server DoS by sleep 0
Session Fixation 0
Spring Argon2 Insecure Parameters 0
Spring BCrypt Insecure Parameters 0
Spring Comparison Timing Attack 0
Spring CSRF 0
Spring defaultHtmlEscape Not True 0
Spring Missing Content Security Policy 0
Spring Missing Expect CT Header 0
Spring Missing Function Level Authorization 0
Spring Missing HSTS Header 0
Spring Missing Object Level Authorization 0
Spring Missing X Content Type Options 0
Spring Missing X Frame Options 0
Spring Missing XSS Protection Header 0
Spring ModelView Injection 0
Spring Overly Permissive Cross Origin Resource Sharing Policy 0
Spring PBKDF2 Insecure Parameters 0
Spring Permissive Content Security Policy 0
Spring SCrypt Insecure Parameters 0
Spring Use of Broken or Risky Cryptographic Primitive 0
Spring Use Of Hardcoded Password 0
Spring View SPEL Injection 0
Spring XSRF 0
SQL Injection Evasion Attack 0
SSL Verification Bypass 0
SSRF 0
Stored Absolute Path Traversal 0
Stored Boundary Violation 0
Stored Code Injection 0
Stored Command Argument Injection 0
Stored Command Injection 0
Stored Environment Injection 0
Stored External XML Entities XXE 0
Stored HTTP Response Splitting 0
Stored LDAP Injection 0
Stored Log Forging 0
Stored Mongo NoSQL Injection 0
Stored Open Redirect 0
Stored Path Traversal 0
Stored Relative Path Traversal 0
PAGE 56 OF 299
Stored XPath Injection 0
Stored XSS 0
Storing Passwords in a Recoverable Format 0
Struts Duplicate Config Files 0
Struts Duplicate Form Bean 0
Struts Duplicate Validation Files 0
Struts Duplicate Validation Forms 0
Struts Form Does Not Extend Validation Class 0
Struts Form Field Without Validator 0
Struts Incomplete Validate Method Definition 0
Struts Mapping to Missing Form Bean 0
Struts Non Private Field In ActionForm Class 0
Struts Thread Safety Violation In Action Class 0
Struts Unused Validation Form 0
Struts Unvalidated Action Form 0
Struts Validation Turned Off 0
Struts Validator Without Form Field 0
Struts2 Action Field Without Validator 0
Struts2 Duplicate Action Field Validators 0
Struts2 Duplicate Validators 0
Suspected XSS 0
Suspicious Endpoints 0
TOCTOU 0
TruffleHog HighEntropy Strings 0
TruffleHog Regex Matches 0
Trust Boundary Violation in Session Variables 0
Uncaught Exception 0
Unchecked Input for Loop Condition 0
Unchecked Input For Loop Condition 0
Unchecked Return Value to NULL Pointer Dereference 0
Uncontrolled Format String 0
Uncontrolled Memory Allocation 0
Undocumented API 0
Unencrypted Sensitive Data Storage 0
Unnormalize Input String 0
Unprotected Cookie 0
Unrestricted Delete S3 0
Unrestricted File Upload 0
Unrestricted Read S3 0
Unrestricted Write S3 0
Unsafe JNDI Lookup 0
Unsafe Object Binding 0
Unsafe Reflection 0
Unsafe Use Of Target blank 0
Unsynchronized Access To Shared Data 0
Unvalidated Forwards 0
Unvalidated SSL Certificate Hostname 0
Use of a One Way Hash with a Predictable Salt 0
PAGE 57 OF 299
Use of a One Way Hash without a Salt 0
Use of Broken or Risky Cryptographic Algorithm 0
Use Of Broken Or Risky Cryptographic Algorithm 0
Use of Client Side Authentication 0
Use Of Controlled Input On Sensitive Field 0
Use of Cryptographically Weak PRNG 0
Use Of getenv 0
Use of Hard coded Cryptographic Key 0
Use of Hard coded Security Constants 0
Use of Hardcoded Cryptographic Key On Server 0
Use Of Hardcoded Password 0
Use Of Hardcoded Password In Config 0
Use of Implicit Types on Vue Component Props 0
Use of Insufficiently Random Values 0
Use of Native Language 0
Use of Non Cryptographic Random 0
Use of RSA Algorithm without OAEP 0
Use of Single Word Named Vue Components 0
Use of System exit 0
Use of vif and vfor On Same Element 0
User Based SDK Configurations 0
Using Referer Field for Authentication 0
UTF7 XSS 0
VF Remoting Client Potential Code Injection 0
VF Remoting Client Potential CSRF 0
VF Remoting Client Potential XSS 0
Vue DOM XSS 0
XML External Entities XXE 0
XPath Injection 0
XQuery Injection 0
XS Code Injection 0
XS CSRF 0
XS Log Injection 0
XS Open Redirect 0
XS Overly Permissive CORS 0
XS Parameter Tampering 0
XS Potentially Vulnerable To Clickjacking 0
XS Reflected XSS 0
XS Response Splitting 0
XS Second Order SQL Injection 0
XS SQL Injection 0
XS Stored Code Injection 0
XS Stored XSS 0
XS Unencrypted Data Transfer 0
XS Use Of Hardcoded URL 0
PAGE 58 OF 299
Scan Results Details
SQL Injection
Query Path:
Java\Cx\Java High Risk\SQL Injection Version:4
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.1 - Injection flaws - particularly SQL injection
OWASP Top 10 2013: A1-Injection
FISMA 2014: System And Information Integrity
NIST SP 800-53: SI-10 Information Input Validation (P1)
OWASP Top 10 2017: A1-Injection
OWASP Mobile Top 10 2016: M7-Client Code Quality
OWASP Top 10 API: API8-Injection
OWASP Top 10 2021: A3-Injection
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Verification and representation of input data
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V05 Validation, Sanitization and Encoding
ASA Mobile Premium: ASA Mobile Premium
ASA Premium: ASA Premium
Top Tier: Top Tier
ASD STIG 5.2: APSC-DV-002540 - CAT I The application must not be vulnerable to SQL Injection.
Description
SQL Injection\Path 1:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=50
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 58 of
LoginDel.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
58 of LoginDel.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Line 61 73
PAGE 59 OF 299
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
61. String delstr = LoginDel_Id.getText();
....
70. String query = "DELETE * FROM Login E WHERE E.User = '"+delstr+"'";
....
73. int result = stmt.executeUpdate ( query );
SQL Injection\Path 2:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=51
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 131 of
LoginAdd.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
131 of LoginAdd.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
139. String sUser = User.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
SQL Injection\Path 3:
Severity High
PAGE 60 OF 299
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=52
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 131 of
LoginAdd.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
131 of LoginAdd.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
140. String sName = Name.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
SQL Injection\Path 4:
Severity High
Result State Not Exploitable
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=53
Result Comment Bhawani Singh Test JMSK, [Monday, August 7, 2023 7:48:12 AM]: Changed status to Not
Exploitable
Bhawani Singh Test JMSK, [Monday, August 7, 2023 7:48:01 AM]: this is fp because i am
using a custom sanitization method.
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 131 of
LoginAdd.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
PAGE 61 OF 299
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
131 of LoginAdd.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
142. String sContact = Contact.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
SQL Injection\Path 5:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=54
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
PAGE 62 OF 299
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
148. String sVendor_Name = Vendor_Name.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
SQL Injection\Path 6:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=55
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
149. String sContact_Person = Contact_Person.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
PAGE 63 OF 299
SQL Injection\Path 7:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=56
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
150. String sPhone = Phone.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
SQL Injection\Path 8:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=57
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
PAGE 64 OF 299
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
151. String sFax = Fax.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
SQL Injection\Path 9:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=58
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 65 OF 299
Object getText executeUpdate
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
152. String sMobile = Mobile.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
PAGE 66 OF 299
....
152. String sstyle_id= style_id.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
153. String semail = email.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
PAGE 67 OF 299
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=61
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
153. String sVendor_id = Vendor_id.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
PAGE 68 OF 299
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
154. String sCargo_Name = Cargo_Name.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 69 OF 299
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
154. String sin_date = in_date.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
PAGE 70 OF 299
....
155. String sRemark = Remark.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
155. String sgold_cr = gold_cr.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
PAGE 71 OF 299
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=66
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
146 of Vendor.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
156. String sDate_In = Date_In.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
PAGE 72 OF 299
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
156. String sgold_wt = gold_wt.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 73 OF 299
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
157. String sstone_type = stone_type.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
PAGE 74 OF 299
....
158. String sstone_wt = stone_wt.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
159. String sstone_number = stone_number.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
PAGE 75 OF 299
SQL Injection\Path 22:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=72
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
149 of Inventory.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
160. String sdetails = details.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
PAGE 76 OF 299
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
164. String sCustomer_Id = Customer_Id.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 77 OF 299
Object getText executeUpdate
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
165. String sStyle_Id= Style_Id.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
PAGE 78 OF 299
....
166. String sOrder_Date = Order_Date.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
167. String sDue_Date = Due_Date.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
PAGE 79 OF 299
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=77
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
168. String sE_Cost = E_Cost.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
PAGE 80 OF 299
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
169. String sRemark = Remark.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 81 OF 299
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
170. String sAmount_Pay = Amount_Pay.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
161 of JobCard.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
PAGE 82 OF 299
....
171. String sSalesMan = SalesMan.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
190. String sAddress = Address.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
PAGE 83 OF 299
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=82
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
191. String sPhone = Phone.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
PAGE 84 OF 299
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
193. String sBirthday = Birthday.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 85 OF 299
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
194. String sRing_Husband = Ring_Husband.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
PAGE 86 OF 299
....
195. String sRing_Wife= Ring_Wife.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
196. String sRing_Other = Ring_Other.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
PAGE 87 OF 299
SQL Injection\Path 37:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=90
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
197. String sVisits = Visits.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
PAGE 88 OF 299
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
198. String scredit = credit.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 89 OF 299
Object getText executeUpdate
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
199. String sStyle_Id = Style_Id.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
PAGE 90 OF 299
....
200. String sRemark = Remark.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeQuery, at line 101 of
Login.java. The application constructs this SQL query by embedding an untrusted string into the query without
proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed
accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
101 of Login.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
109. String SUser = User.getText();
....
119. String query = new String("SELECT * FROM Login L WHERE
L.User='"+SUser+"' ");
....
121. rs = stmt.executeQuery ( query );
PAGE 91 OF 299
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=99
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeQuery, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
210. String sCustomer_Id = Customer_Id.getText();
....
225. if(sCustomer_Id.equals(""))
....
239. String qCustom = "SELECT Customer_ID FROM Job_Card WHERE
Customer_ID = '"+sCustomer_Id+"'";
....
241. res = stmtCustom.executeQuery ( qCustom );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
PAGE 92 OF 299
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
214. String sWeight = Weight.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 93 OF 299
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
221. String sDiscount = Discount.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
PAGE 94 OF 299
....
222. String sDetails = Details.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeQuery, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
211. String sJob_Id = Job_Id.getText();
....
255. if(sJob_Id.equals(""))
....
308. String query1 = new String("SELECT Amount_Advance FROM Job_Card
WHERE Job_ID = "+sJob_Id+"");
....
316. rs1 = stmt1.executeQuery ( query1 );
PAGE 95 OF 299
SQL Injection\Path 47:
Severity High
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=105
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
212. String sBill_Date = Bill_Date.getText();
....
261. if(sBill_Date.equals(""))
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
PAGE 96 OF 299
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
213. String sStone_Numbers = Stone_Numbers.getText();
....
267. if(sStone_Numbers.equals(""))
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
PAGE 97 OF 299
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
215. String sNet_Weight = Net_Weight.getText();
....
273. if(sNet_Weight.equals(""))
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
PAGE 98 OF 299
Object getText executeUpdate
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
216. String sGross_Err = Gross_Err.getText();
....
279. if(sGross_Err.equals(""))
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
PAGE 99 OF 299
....
217. String sWeight_Err= Weight_Err.getText();
....
285. if(sWeight_Err.equals(""))
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
206 of Billing.java. This input then flows through the code, into a query and to the database server - without
sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
VendorView.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
75 of VendorView.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Line 77 105
Code Snippet
File Name VendorView.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
BillingView.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
75 of BillingView.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Line 77 105
Code Snippet
File Name BillingView.java
Method public void actionPerformed(ActionEvent e)
....
77. String str = tf.getText();
....
83. if(!str.equals(""))
....
92. str1 = "'"+str+"'";
93. query = "SELECT * FROM Billing E WHERE E."+com+" = "+str1;
....
105. rs = stmt.executeQuery(query);
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
CustomerView.java. The application constructs this SQL query by embedding an untrusted string into the
query without proper sanitization. The concatenated string is submitted to the database, where it is parsed
and executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
75 of CustomerView.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Line 77 105
Code Snippet
File Name CustomerView.java
Method public void actionPerformed(ActionEvent e)
....
77. String str = tf.getText();
....
83. if(!str.equals(""))
....
92. str1 = "'"+str+"'";
93. query = "SELECT * FROM Customer E WHERE E."+com+" = "+str1;
....
105. rs = stmt.executeQuery(query);
Line 77 105
Code Snippet
File Name InventoryView.java
Method public void actionPerformed(ActionEvent e)
....
77. String str = tf.getText();
....
83. if(!str.equals(""))
....
92. str1 = "'"+str+"'";
93. query = "SELECT * FROM Inventory E WHERE E."+com+" = "+str1;
....
105. rs = stmt.executeQuery(query);
The application's actionPerformed method executes an SQL query with executeQuery, at line 80 of
JobCardView.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
80 of JobCardView.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name JobCardView.java
Method public void actionPerformed(ActionEvent e)
....
82. String str = tf.getText();
....
88. if(!str.equals(""))
....
97. str1 = "'"+str+"'";
98. query = "SELECT * FROM Job_Card E WHERE E."+com+" = "+str1;
....
110. rs = stmt.executeQuery(query);
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious
payload and providing it via the input getText; this input is then read by the actionPerformed method at line
184 of Customer.java. This input then flows through the code, into a query and to the database server -
without sanitization.
This may enable an SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
CSRF
Query Path:
Java\Cx\Java Medium Threat\CSRF Version:6
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.9 - Cross-site request forgery
OWASP Top 10 2013: A8-Cross-Site Request Forgery (CSRF)
NIST SP 800-53: SC-23 Session Authenticity (P1)
OWASP Top 10 2021: A1-Broken Access Control
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Verification and representation of input data
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V13 API and Web Service
ASA Premium: ASA Premium
ASD STIG 5.2: APSC-DV-002500 - CAT II The application must protect from Cross-Site Request Forgery (CSRF)
vulnerabilities.
Description
CSRF\Path 1:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=1
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
....
156. String sgold_wt = gold_wt.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
CSRF\Path 2:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=2
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 60 of InventoryDel.java gets a parameter from a user request from getText.
This parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Line 63 74
Code Snippet
File Name InventoryDel.java
Method public void actionPerformed(ActionEvent e)
....
63. String delstr = InventoryDel_Id.getText();
....
71. int custstr = Integer.parseInt(delstr);
72. String query = "DELETE * FROM Inventory E WHERE E.Inventory_ID =
"+custstr;
....
74. int result = stmt.executeUpdate ( query );
CSRF\Path 3:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=3
Result Comment
Status New
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
171. String sSalesMan = SalesMan.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
CSRF\Path 4:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=4
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 5:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=5
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
167. String sDue_Date = Due_Date.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
CSRF\Path 6:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=6
Result Comment
Status New
Method actionPerformed at line 146 of Vendor.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
148. String sVendor_Name = Vendor_Name.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 7:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=7
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 131 of LoginAdd.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 8:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=8
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 58 of BillingDel.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Line 61 72
Code Snippet
File Name BillingDel.java
Method public void actionPerformed(ActionEvent e)
....
61. String delstr = BillingDel_Id.getText();
....
69. int custstr = Integer.parseInt(delstr);
70. String query = "DELETE * FROM Billing E WHERE E.Bill_No =
"+custstr;
....
72. int result = stmt.executeUpdate ( query );
CSRF\Path 9:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=9
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Line 63 74
Code Snippet
File Name VendorDel.java
Method public void actionPerformed(ActionEvent e)
....
63. String delstr = VendorDel_Id.getText();
....
71. int custstr = Integer.parseInt(delstr);
72. String query = "DELETE * FROM Vendor E WHERE E.Vendor_ID =
"+custstr;
....
74. int result = stmt.executeUpdate ( query );
CSRF\Path 10:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=10
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 58 of LoginDel.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Line 61 73
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 11:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=11
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 146 of Vendor.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
153. String semail = email.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 12:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=12
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
151. String sFax = Fax.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 13:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=13
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 60 of CustomerDel.java gets a parameter from a user request from getText.
This parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Line 63 74
Code Snippet
File Name CustomerDel.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 14:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=14
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
154. String sin_date = in_date.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
CSRF\Path 15:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=15
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
149. String sContact_Person = Contact_Person.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 16:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=16
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 17:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=17
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 131 of LoginAdd.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
142. String sContact = Contact.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
CSRF\Path 18:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=18
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
139. String sUser = User.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
CSRF\Path 19:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=19
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 20:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=20
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 58 of JobCardDel.java gets a parameter from a user request from getText.
This parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Line 61 72
Code Snippet
File Name JobCardDel.java
Method public void actionPerformed(ActionEvent e)
....
61. String delstr = JobCardDel_Id.getText();
....
69. int custstr = Integer.parseInt(delstr);
70. String query = "DELETE * FROM Job_Card E WHERE E.Job_ID =
"+custstr;
....
72. int result = stmt.executeUpdate ( query );
CSRF\Path 21:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=21
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
156. String sDate_In = Date_In.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 22:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=22
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 23:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=23
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 146 of Vendor.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
154. String sCargo_Name = Cargo_Name.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 24:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=24
Result Comment
Status New
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
157. String sstone_type = stone_type.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
CSRF\Path 25:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=25
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 146 of Vendor.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 26:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=26
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
155. String sgold_cr = gold_cr.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
CSRF\Path 27:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=27
Result Comment
Status New
Method actionPerformed at line 146 of Vendor.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
150. String sPhone = Phone.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
CSRF\Path 28:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=28
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 29:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=29
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
170. String sAmount_Pay = Amount_Pay.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
CSRF\Path 30:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=30
Result Comment
Status New
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
168. String sE_Cost = E_Cost.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
CSRF\Path 31:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=31
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 32:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=32
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 161 of JobCard.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
164. String sCustomer_Id = Customer_Id.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
CSRF\Path 33:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=33
Result Comment
Status New
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
160. String sdetails = details.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
CSRF\Path 34:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=34
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 146 of Vendor.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
CSRF\Path 35:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=35
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 149 of Inventory.java gets a parameter from a user request from getText. This
parameter value flows through the code and is eventually used to access application state altering
functionality. This may enable Cross-Site Request Forgery (CSRF).
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
158. String sstone_wt = stone_wt.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
DB Parameter Tampering
Query Path:
Java\Cx\Java Medium Threat\DB Parameter Tampering Version:1
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.1 - Injection flaws - particularly SQL injection
OWASP Top 10 2013: A4-Insecure Direct Object References
Description
DB Parameter Tampering\Path 1:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=36
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
193. String sBirthday = Birthday.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
DB Parameter Tampering\Path 2:
Severity Medium
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
196. String sRing_Other = Ring_Other.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
DB Parameter Tampering\Path 3:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=38
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
199. String sStyle_Id = Style_Id.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
DB Parameter Tampering\Path 4:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=39
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 206 of Billing.java gets user input from element getText. This input is used by
the application, without being validated, to filter personal records from sensitive database tables. Method
actionPerformed submits a query to the database executeUpdate, at line 206 of Billing.java, without any
additional filtering by the database. This could allow the user to choose different records based on the id.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
DB Parameter Tampering\Path 5:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=40
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 206 of Billing.java gets user input from element getText. This input is used by
the application, without being validated, to filter personal records from sensitive database tables. Method
actionPerformed submits a query to the database executeUpdate, at line 206 of Billing.java, without any
additional filtering by the database. This could allow the user to choose different records based on the id.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
221. String sDiscount = Discount.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
DB Parameter Tampering\Path 6:
Severity Medium
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
190. String sAddress = Address.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
DB Parameter Tampering\Path 7:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=42
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
198. String scredit = credit.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
DB Parameter Tampering\Path 8:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=43
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
DB Parameter Tampering\Path 9:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=44
Result Comment
Status New
Detection Date 8/23/2023 8:24:23 AM
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
195. String sRing_Wife= Ring_Wife.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
Method actionPerformed at line 206 of Billing.java gets user input from element getText. This input is used by
the application, without being validated, to filter personal records from sensitive database tables. Method
actionPerformed submits a query to the database executeUpdate, at line 206 of Billing.java, without any
additional filtering by the database. This could allow the user to choose different records based on the id.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
222. String sDetails = Details.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
191. String sPhone = Phone.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
197. String sVisits = Visits.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
Method actionPerformed at line 184 of Customer.java gets user input from element getText. This input is
used by the application, without being validated, to filter personal records from sensitive database tables.
Method actionPerformed submits a query to the database executeUpdate, at line 184 of Customer.java,
without any additional filtering by the database. This could allow the user to choose different records based
on the id.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
200. String sRemark = Remark.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
Parameter Tampering
Query Path:
Java\Cx\Java Medium Threat\Parameter Tampering Version:1
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.1 - Injection flaws - particularly SQL injection
OWASP Top 10 2013: A4-Insecure Direct Object References
OWASP Top 10 2017: A5-Broken Access Control
OWASP Top 10 2021: A4-Insecure Design
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Security Functions
OWASP ASVS: V01 Architecture, Design and Threat Modeling
ASA Premium: ASA Premium
ASD STIG 5.2: APSC-DV-002560 - CAT I The application must not be subject to input handling vulnerabilities.
Description
Parameter Tampering\Path 1:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=87
Method actionPerformed at line 58 of LoginDel.java gets user input from element getText. This input is later
concatenated by the application directly into a string variable containing SQL commands, without being
validated. This string is then used in method actionPerformed to query the database executeUpdate, at line 58
of LoginDel.java, without any additional filtering by the database. This could allow the user to tamper with the
filter parameter.
Source Destination
Line 61 73
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
61. String delstr = LoginDel_Id.getText();
....
70. String query = "DELETE * FROM Login E WHERE E.User = '"+delstr+"'";
....
73. int result = stmt.executeUpdate ( query );
Parameter Tampering\Path 2:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=89
Result Comment
Status New
Detection Date 8/23/2023 8:24:24 AM
Method actionPerformed at line 58 of BillingDel.java gets user input from element getText. This input is later
concatenated by the application directly into a string variable containing SQL commands, without being
validated. This string is then used in method actionPerformed to query the database executeUpdate, at line 58
of BillingDel.java, without any additional filtering by the database. This could allow the user to tamper with the
filter parameter.
Source Destination
Line 61 72
Code Snippet
File Name BillingDel.java
Method public void actionPerformed(ActionEvent e)
Parameter Tampering\Path 3:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=91
Result Comment
Status New
Detection Date 8/23/2023 8:24:24 AM
Method actionPerformed at line 58 of JobCardDel.java gets user input from element getText. This input is later
concatenated by the application directly into a string variable containing SQL commands, without being
validated. This string is then used in method actionPerformed to query the database executeUpdate, at line 58
of JobCardDel.java, without any additional filtering by the database. This could allow the user to tamper with
the filter parameter.
Source Destination
Line 61 72
Code Snippet
File Name JobCardDel.java
Method public void actionPerformed(ActionEvent e)
....
61. String delstr = JobCardDel_Id.getText();
....
69. int custstr = Integer.parseInt(delstr);
70. String query = "DELETE * FROM Job_Card E WHERE E.Job_ID =
"+custstr;
....
72. int result = stmt.executeUpdate ( query );
Parameter Tampering\Path 4:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=93
Result Comment
Status New
Detection Date 8/23/2023 8:24:24 AM
Line 63 74
Code Snippet
File Name VendorDel.java
Method public void actionPerformed(ActionEvent e)
....
63. String delstr = VendorDel_Id.getText();
....
71. int custstr = Integer.parseInt(delstr);
72. String query = "DELETE * FROM Vendor E WHERE E.Vendor_ID =
"+custstr;
....
74. int result = stmt.executeUpdate ( query );
Parameter Tampering\Path 5:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=95
Result Comment
Status New
Detection Date 8/23/2023 8:24:24 AM
Method actionPerformed at line 60 of CustomerDel.java gets user input from element getText. This input is
later concatenated by the application directly into a string variable containing SQL commands, without being
validated. This string is then used in method actionPerformed to query the database executeUpdate, at line 60
of CustomerDel.java, without any additional filtering by the database. This could allow the user to tamper with
the filter parameter.
Source Destination
Line 63 74
Code Snippet
File Name CustomerDel.java
Method public void actionPerformed(ActionEvent e)
Parameter Tampering\Path 6:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=97
Result Comment
Status New
Detection Date 8/23/2023 8:24:24 AM
Method actionPerformed at line 60 of InventoryDel.java gets user input from element getText. This input is
later concatenated by the application directly into a string variable containing SQL commands, without being
validated. This string is then used in method actionPerformed to query the database executeUpdate, at line 60
of InventoryDel.java, without any additional filtering by the database. This could allow the user to tamper with
the filter parameter.
Source Destination
Line 63 74
Code Snippet
File Name InventoryDel.java
Method public void actionPerformed(ActionEvent e)
....
63. String delstr = InventoryDel_Id.getText();
....
71. int custstr = Integer.parseInt(delstr);
72. String query = "DELETE * FROM Inventory E WHERE E.Inventory_ID =
"+custstr;
....
74. int result = stmt.executeUpdate ( query );
Categories
OWASP Top 10 2017: A6-Security Misconfiguration
OWASP Top 10 2021: A8-Software and Data Integrity Failures
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Verification and representation of input data
Description
Frameable Login Page\Path 1:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=71
Result Comment
Status New
Detection Date 8/23/2023 8:24:24 AM
The web-application does not properly utilize the "X-FRAME-OPTIONS" header to restrict embedding web-
pages inside of a frame.
Source Destination
Line 23 28
Code Snippet
File Name terraform-examples-
master/google_cloud/CQRS_bigquery_memorystore/functions/src/test/index.js
Method exports.test = async (req, res) => {
....
23. exports.test = async (req, res) => {
....
28. res.send({
Categories
OWASP Top 10 2021: A7-Identification and Authentication Failures
OWASP ASVS: V14 Configuration
ASA Premium: ASA Premium
Description
Missing HSTS Header\Path 1:
Severity Medium
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=104
The web-application does not define an HSTS header, leaving it vulnerable to attack.
Source Destination
Line 54 54
Code Snippet
File Name terraform-examples-master/azure/azure_linux_docker_app_service/example-app/index.js
Method const requestListener = async function (req, res) {
....
54. res.end("My first server!");
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.1 - Injection flaws - particularly SQL injection
OWASP Top 10 2013: A1-Injection
FISMA 2014: System And Information Integrity
NIST SP 800-53: SI-10 Information Input Validation (P1)
OWASP Top 10 2017: A1-Injection
OWASP Top 10 API: API8-Injection
OWASP Top 10 2010: A1-Injection
OWASP Top 10 2021: A3-Injection
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Verification and representation of input data
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V05 Validation, Sanitization and Encoding
ASD STIG 5.2: APSC-DV-002540 - CAT I The application must not be vulnerable to SQL Injection.
Description
Blind SQL Injections\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=117
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 61 73
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
61. String delstr = LoginDel_Id.getText();
....
70. String query = "DELETE * FROM Login E WHERE E.User = '"+delstr+"'";
....
73. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 131 of
LoginAdd.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 131 of LoginAdd.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
139. String sUser = User.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 131 of
LoginAdd.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 131 of LoginAdd.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
140. String sName = Name.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 131 of
LoginAdd.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 131 of LoginAdd.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
142. String sContact = Contact.getText();
....
144. String query =" INSERT INTO Login(User,Password,Type,Name,Contact)
VALUES
('"+sUser+"','"+sPassword+"','"+sType+"','"+sName+"','"+sContact+"')";
....
148. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
148. String sVendor_Name = Vendor_Name.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
149. String sContact_Person = Contact_Person.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
151. String sFax = Fax.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
152. String sMobile = Mobile.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
152. String sstyle_id= style_id.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
153. String semail = email.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
154. String sCargo_Name = Cargo_Name.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
154. String sin_date = in_date.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
155. String sRemark = Remark.getText();
....
158. String query =" INSERT INTO Vendor
(Vendor_name,Contact_Person,Phone,Fax,Mobile,email,Cargo_Name,Remark,Dat
e_In) VALUES
('"+sVendor_Name+"','"+sContact_Person+"','"+sPhone+"','"+sFax+"','"+sMo
bile+"','"+semail+"','"+sCargo_Name+"','"+sRemark+"','"+sDate_In+"')";
....
165. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
155. String sgold_cr = gold_cr.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 146 of
Vendor.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 146 of Vendor.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
156. String sgold_wt = gold_wt.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
157. String sstone_type = stone_type.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
158. String sstone_wt = stone_wt.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
159. String sstone_number = stone_number.getText();
....
162. String query =" INSERT INTO
Inventory(Style_ID,Vendor_ID,In_Date,Gold,Gold_wt,Stone_Type,Stone_Weigh
t,Stone_numbers,Details) VALUES
('"+sstyle_id+"','"+sVendor_id+"','"+sin_date+"','"+sgold_cr+"','"+sgold
_wt+"','"+sstone_type+"','"+sstone_wt+"','"+sstone_number+"','"+sdetails
+"')";
....
169. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 149 of
Inventory.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 149 of Inventory.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 161 of JobCard.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
164. String sCustomer_Id = Customer_Id.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 161 of JobCard.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
165. String sStyle_Id= Style_Id.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
166. String sOrder_Date = Order_Date.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 161 of JobCard.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
167. String sDue_Date = Due_Date.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 161 of JobCard.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 161 of JobCard.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
169. String sRemark = Remark.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 161 of JobCard.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
170. String sAmount_Pay = Amount_Pay.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 161 of
JobCard.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
171. String sSalesMan = SalesMan.getText();
....
173. String query =" INSERT INTO
Job_Card(Customer_ID,Style_ID,Order_Date,Due_Date,Estimated_Cost,Remarks
,Amount_Advance,Salesman,Current_Status) VALUES
('"+sCustomer_Id+"','"+sStyle_Id+"','"+sOrder_Date+"','"+sDue_Date+"','"
+sE_Cost+"','"+sRemark+"','"+sAmount_Pay+"','"+sSalesMan+"','"+com+"')";
....
180. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
....
190. String sAddress = Address.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
192. String sWedding_Aniv = Wedding_Aniv.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
193. String sBirthday = Birthday.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
194. String sRing_Husband = Ring_Husband.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
195. String sRing_Wife= Ring_Wife.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
197. String sVisits = Visits.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
198. String scredit = credit.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
199. String sStyle_Id = Style_Id.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 184 of
Customer.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 184 of Customer.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
200. String sRemark = Remark.getText();
....
207. String query =" INSERT INTO
Customer(Date_In,Name,Address,Phone,Wedding_Aniv,Birthday,Ring_Husband,R
ing_Wife,Ring_Other,Visits,credit,Style_Id,Remark) VALUES
('"+sDate_In+"','"+sCustomer_Name+"','"+sAddress+"','"+sPhone+"','"+sWed
ding_Aniv+"','"+sBirthday+"','"+sRing_Husband+"','"+sRing_Wife+"','"+sRi
ng_Other+"','"+sVisits+"','"+scredit+"','"+sStyle_Id+"','"+sRemark+"')";
....
214. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeQuery, at line 101 of
Login.java. The application constructs this SQL query by embedding an untrusted string into the query without
proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed
accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 101 of Login.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
The application's actionPerformed method executes an SQL query with executeQuery, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
210. String sCustomer_Id = Customer_Id.getText();
....
225. if(sCustomer_Id.equals(""))
....
239. String qCustom = "SELECT Customer_ID FROM Job_Card WHERE
Customer_ID = '"+sCustomer_Id+"'";
....
241. res = stmtCustom.executeQuery ( qCustom );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
214. String sWeight = Weight.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
221. String sDiscount = Discount.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
222. String sDetails = Details.getText();
....
306. String query =new String(" INSERT INTO
Billing(Customer_ID,Job_ID,Bill_Date,Stone_Numbers,Weight,Net_Weight,Gro
ss_error,Weight_error,Gold_purity,Total_Price,Payment_Mode,Discount,Deta
ils) VALUES
('"+sCustomer_Id+"','"+sJob_Id+"','"+sBill_Date+"','"+sStone_Numbers+"',
'"+sWeight+"','"+sNet_Weight+"','"+sGross_Err+"','"+sWeight_Err+"','"+sG
old_Purity+"','"+sTotal_Price+"','"+com+"','"+sDiscount+"','"+sDetails+"
')");
....
313. int result = stmt.executeUpdate ( query );
The application's actionPerformed method executes an SQL query with executeQuery, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeUpdate, at line 206 of
Billing.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 206 of Billing.java, and used without sanitization in the SQL query that is sent
to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
VendorView.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 75 of VendorView.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Line 77 105
Code Snippet
File Name VendorView.java
Method public void actionPerformed(ActionEvent e)
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
BillingView.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 75 of BillingView.java, and used without sanitization in the SQL query that is
sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Line 77 105
Code Snippet
File Name BillingView.java
Method public void actionPerformed(ActionEvent e)
....
77. String str = tf.getText();
....
83. if(!str.equals(""))
....
92. str1 = "'"+str+"'";
93. query = "SELECT * FROM Billing E WHERE E."+com+" = "+str1;
....
105. rs = stmt.executeQuery(query);
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
CustomerView.java. The application constructs this SQL query by embedding an untrusted string into the
query without proper sanitization. The concatenated string is submitted to the database, where it is parsed
and executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 75 of CustomerView.java, and used without sanitization in the SQL query that
is sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Line 77 105
Code Snippet
File Name CustomerView.java
Method public void actionPerformed(ActionEvent e)
....
77. String str = tf.getText();
....
83. if(!str.equals(""))
....
92. str1 = "'"+str+"'";
93. query = "SELECT * FROM Customer E WHERE E."+com+" = "+str1;
....
105. rs = stmt.executeQuery(query);
The application's actionPerformed method executes an SQL query with executeQuery, at line 75 of
InventoryView.java. The application constructs this SQL query by embedding an untrusted string into the
query without proper sanitization. The concatenated string is submitted to the database, where it is parsed
and executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
Line 77 105
Code Snippet
File Name InventoryView.java
Method public void actionPerformed(ActionEvent e)
....
77. String str = tf.getText();
....
83. if(!str.equals(""))
....
92. str1 = "'"+str+"'";
93. query = "SELECT * FROM Inventory E WHERE E."+com+" = "+str1;
....
105. rs = stmt.executeQuery(query);
The application's actionPerformed method executes an SQL query with executeQuery, at line 80 of
JobCardView.java. The application constructs this SQL query by embedding an untrusted string into the query
without proper sanitization. The concatenated string is submitted to the database, where it is parsed and
executed accordingly.
If an exception is thrown by the database code, it is caught and handled. An attacker could still use inferential
or boolean exploitation techniques to retrieve the data, by altering the user input getText. This is read in the
actionPerformed method, at line 80 of JobCardView.java, and used without sanitization in the SQL query that
is sent to the database server.
This may enable a Blind SQL Injection attack.
Source Destination
Line 82 110
Code Snippet
File Name JobCardView.java
Method public void actionPerformed(ActionEvent e)
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.5 - Improper error handling
OWASP Top 10 2013: A5-Security Misconfiguration
FISMA 2014: Configuration Management
NIST SP 800-53: SI-11 Error Handling (P2)
OWASP Top 10 2017: A6-Security Misconfiguration
OWASP Top 10 API: API3-Excessive Data Exposure
OWASP Top 10 2021: A4-Insecure Design
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Error processing
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V14 Configuration
ASD STIG 5.2: APSC-DV-002570 - CAT II The application must generate error messages that provide
information necessary for corrective actions without revealing information that could be exploited by
adversaries.
Description
Information Exposure Through an Error Message\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=222
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Method BillingView, at line 26 of BillingView.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
BillingView of BillingView.java, line 26.
Source Destination
Line 33 36
Object ae printStackTrace
Code Snippet
....
33. catch(Exception ae)
....
36. ae.printStackTrace();
Method VendorView, at line 26 of VendorView.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
VendorView of VendorView.java, line 26.
Source Destination
Line 33 36
Object ae printStackTrace
Code Snippet
File Name VendorView.java
Method public VendorView()
....
33. catch(Exception ae)
....
36. ae.printStackTrace();
Method InventoryView, at line 26 of InventoryView.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
InventoryView of InventoryView.java, line 26.
Source Destination
Line 33 36
Object ae printStackTrace
Code Snippet
File Name InventoryView.java
Method public InventoryView()
....
33. catch(Exception ae)
....
36. ae.printStackTrace();
Method CustomerView, at line 26 of CustomerView.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
CustomerView of CustomerView.java, line 26.
Source Destination
Line 33 36
Object ae printStackTrace
Code Snippet
File Name CustomerView.java
Method public CustomerView()
....
33. catch(Exception ae)
....
36. ae.printStackTrace();
Line 38 41
Object ae printStackTrace
Code Snippet
File Name JobCardView.java
Method public JobCardView()
....
38. catch(Exception ae)
....
41. ae.printStackTrace();
Method InterNal, at line 30 of InterNal.java, handles an Exception or runtime Error ae. During the exception
handling code, the application exposes the exception details to printStackTrace, in method InterNal of
InterNal.java, line 30.
Source Destination
Line 39 42
Object ae printStackTrace
Code Snippet
File Name InterNal.java
Method public InterNal(String access)
....
39. catch(Exception ae)
....
42. ae.printStackTrace();
Method LoginAdd, at line 35 of LoginAdd.java, handles an Exception or runtime Error ae. During the exception
handling code, the application exposes the exception details to printStackTrace, in method LoginAdd of
LoginAdd.java, line 35.
Source Destination
Line 42 44
Object ae printStackTrace
Code Snippet
File Name LoginAdd.java
Method public LoginAdd()
....
42. catch(Exception ae)
....
44. ae.printStackTrace();
Method Login, at line 28 of Login.java, handles an Exception or runtime Error ae. During the exception
handling code, the application exposes the exception details to printStackTrace, in method Login of
Login.java, line 28.
Source Destination
Line 48 51
Object ae printStackTrace
Code Snippet
File Name Login.java
Method public Login()
Method Billing, at line 46 of Billing.java, handles an Exception or runtime Error ae. During the exception
handling code, the application exposes the exception details to printStackTrace, in method Billing of
Billing.java, line 46.
Source Destination
Line 53 56
Object ae printStackTrace
Code Snippet
File Name Billing.java
Method public Billing()
....
53. catch(Exception ae)
....
56. ae.printStackTrace();
Method actionPerformed, at line 58 of JobCardDel.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of JobCardDel.java, line 58.
Source Destination
Line 86 88
Code Snippet
File Name JobCardDel.java
Method public void actionPerformed(ActionEvent e)
....
86. catch(Exception ae)
....
88. ae.printStackTrace();
Method actionPerformed, at line 58 of BillingDel.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of BillingDel.java, line 58.
Source Destination
Line 86 88
Object ae printStackTrace
Code Snippet
File Name BillingDel.java
Method public void actionPerformed(ActionEvent e)
....
86. catch(Exception ae)
....
88. ae.printStackTrace();
Line 87 89
Object ae printStackTrace
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
87. catch(Exception ae)
....
89. ae.printStackTrace();
Method actionPerformed, at line 60 of CustomerDel.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of CustomerDel.java, line 60.
Source Destination
Line 88 90
Object ae printStackTrace
Code Snippet
File Name CustomerDel.java
Method public void actionPerformed(ActionEvent e)
....
88. catch(Exception ae)
....
90. ae.printStackTrace();
Method actionPerformed, at line 60 of VendorDel.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of VendorDel.java, line 60.
Source Destination
Line 88 90
Object ae printStackTrace
Code Snippet
File Name VendorDel.java
Method public void actionPerformed(ActionEvent e)
....
88. catch(Exception ae)
....
90. ae.printStackTrace();
Method actionPerformed, at line 60 of InventoryDel.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of InventoryDel.java, line 60.
Source Destination
Line 88 90
Object ae printStackTrace
Code Snippet
File Name InventoryDel.java
Method public void actionPerformed(ActionEvent e)
Method actionPerformed, at line 75 of CustomerView.java, handles an Exception or runtime Error sqlx. During
the exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of CustomerView.java, line 75.
Source Destination
Code Snippet
File Name CustomerView.java
Method public void actionPerformed(ActionEvent e)
....
109. catch(SQLException sqlx)
....
111. sqlx.printStackTrace();
Method actionPerformed, at line 75 of BillingView.java, handles an Exception or runtime Error sqlx. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of BillingView.java, line 75.
Source Destination
Code Snippet
File Name BillingView.java
Method public void actionPerformed(ActionEvent e)
....
109. catch(SQLException sqlx)
....
111. sqlx.printStackTrace();
Method actionPerformed, at line 75 of VendorView.java, handles an Exception or runtime Error sqlx. During
the exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of VendorView.java, line 75.
Source Destination
Code Snippet
File Name VendorView.java
Method public void actionPerformed(ActionEvent e)
....
109. catch(SQLException sqlx)
....
111. sqlx.printStackTrace();
Code Snippet
File Name InventoryView.java
Method public void actionPerformed(ActionEvent e)
....
109. catch(SQLException sqlx)
....
111. sqlx.printStackTrace();
Method actionPerformed, at line 80 of JobCardView.java, handles an Exception or runtime Error sqlx. During
the exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of JobCardView.java, line 80.
Source Destination
Code Snippet
File Name JobCardView.java
Method public void actionPerformed(ActionEvent e)
....
114. catch(SQLException sqlx)
....
116. sqlx.printStackTrace();
Method actionPerformed, at line 131 of LoginAdd.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of LoginAdd.java, line 131.
Source Destination
Object ae printStackTrace
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
150. catch(Exception ae)
....
152. ae.printStackTrace();
Method displayResultSet, at line 115 of BillingView.java, handles an Exception or runtime Error sqlx. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
displayResultSet of BillingView.java, line 115.
Source Destination
Code Snippet
File Name BillingView.java
Method public void displayResultSet(ResultSet rs1)throws SQLException
Method displayResultSet, at line 115 of InventoryView.java, handles an Exception or runtime Error sqlx. During
the exception handling code, the application exposes the exception details to printStackTrace, in method
displayResultSet of InventoryView.java, line 115.
Source Destination
Code Snippet
File Name InventoryView.java
Method public void displayResultSet(ResultSet rs1)throws SQLException
....
150. catch(SQLException sqlx)
....
152. sqlx.printStackTrace();
Method displayResultSet, at line 115 of VendorView.java, handles an Exception or runtime Error sqlx. During
the exception handling code, the application exposes the exception details to printStackTrace, in method
displayResultSet of VendorView.java, line 115.
Source Destination
Code Snippet
File Name VendorView.java
Method public void displayResultSet(ResultSet rs1)throws SQLException
....
150. catch(SQLException sqlx)
....
152. sqlx.printStackTrace();
Method displayResultSet, at line 115 of CustomerView.java, handles an Exception or runtime Error sqlx. During
the exception handling code, the application exposes the exception details to printStackTrace, in method
displayResultSet of CustomerView.java, line 115.
Source Destination
Code Snippet
File Name CustomerView.java
Method public void displayResultSet(ResultSet rs1)throws SQLException
....
150. catch(SQLException sqlx)
....
152. sqlx.printStackTrace();
Code Snippet
File Name JobCardView.java
Method public void displayResultSet(ResultSet rs1)throws SQLException
....
155. catch(SQLException sqlx)
....
157. sqlx.printStackTrace();
Method actionPerformed, at line 101 of Login.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of Login.java, line 101.
Source Destination
Object ae printStackTrace
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
164. catch(Exception ae)
....
166. ae.printStackTrace();
Method actionPerformed, at line 146 of Vendor.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of Vendor.java, line 146.
Source Destination
Object ae printStackTrace
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
167. catch(Exception ae)
....
169. ae.printStackTrace();
Method actionPerformed, at line 149 of Inventory.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of Inventory.java, line 149.
Source Destination
Object ae printStackTrace
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
Method actionPerformed, at line 161 of JobCard.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of JobCard.java, line 161.
Source Destination
Object ae printStackTrace
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
182. catch(Exception ae)
....
184. ae.printStackTrace();
Method actionPerformed, at line 184 of Customer.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of Customer.java, line 184.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
216. catch(Exception ae)
....
218. ae.printStackTrace();
Method actionPerformed, at line 206 of Billing.java, handles an Exception or runtime Error ae. During the
exception handling code, the application exposes the exception details to printStackTrace, in method
actionPerformed of Billing.java, line 206.
Source Destination
Object ae printStackTrace
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
250. catch(Exception ae)
....
252. ae.printStackTrace();
Object ae printStackTrace
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
327. catch(Exception ae)
....
329. ae.printStackTrace();
Categories
FISMA 2014: Identification And Authentication
NIST SP 800-53: AC-3 Access Enforcement (P1)
OWASP Top 10 2021: A1-Broken Access Control
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Security Functions
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V04 Access Control
Description
Improper Resource Access Authorization\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=183
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Code Snippet
....
165. int result = stmt.executeUpdate ( query );
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
169. int result = stmt.executeUpdate ( query );
Code Snippet
File Name Billing.java
....
313. int result = stmt.executeUpdate ( query );
Code Snippet
File Name VendorView.java
Method public void actionPerformed(ActionEvent e)
....
105. rs = stmt.executeQuery(query);
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
180. int result = stmt.executeUpdate ( query );
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
Code Snippet
File Name CustomerView.java
Method public void actionPerformed(ActionEvent e)
....
105. rs = stmt.executeQuery(query);
Code Snippet
File Name BillingView.java
Method public void actionPerformed(ActionEvent e)
Line 74 74
Code Snippet
File Name CustomerDel.java
Method public void actionPerformed(ActionEvent e)
....
74. int result = stmt.executeUpdate ( query );
Line 72 72
Code Snippet
File Name BillingDel.java
Method public void actionPerformed(ActionEvent e)
Line 73 73
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
73. int result = stmt.executeUpdate ( query );
Line 72 72
Code Snippet
File Name JobCardDel.java
Method public void actionPerformed(ActionEvent e)
Line 74 74
Code Snippet
File Name VendorDel.java
Method public void actionPerformed(ActionEvent e)
....
74. int result = stmt.executeUpdate ( query );
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
121. rs = stmt.executeQuery ( query );
Code Snippet
File Name JobCardView.java
Method public void actionPerformed(ActionEvent e)
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
316. rs1 = stmt1.executeQuery ( query1 );
Line 74 74
Code Snippet
File Name InventoryDel.java
Method public void actionPerformed(ActionEvent e)
Code Snippet
File Name InventoryView.java
Method public void actionPerformed(ActionEvent e)
....
105. rs = stmt.executeQuery(query);
Categories
NIST SP 800-53: SC-5 Denial of Service Protection (P1)
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Code error
ASD STIG 5.2: APSC-DV-002400 - CAT II The application must restrict the ability to launch Denial of Service
(DoS) attacks against itself or other information systems.
Description
Improper Resource Shutdown or Release\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=203
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
163. con = DriverManager.getConnection("jdbc:odbc:JMS1");
164. stmt = con.createStatement();
The application's actionPerformed method in Customer.java defines and initializes the getConnection object at
184. This object encapsulates a limited computing resource, such as open file streams, database connections,
or network streams. This resource is not properly closed and released in all situations.
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
212. con = DriverManager.getConnection("jdbc:odbc:JMS");
213. stmt = con.createStatement();
The application's actionPerformed method in BillingDel.java defines and initializes the getConnection object at
58. This object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 68 71
Code Snippet
File Name BillingDel.java
Method public void actionPerformed(ActionEvent e)
....
68. con = DriverManager.getConnection("jdbc:odbc:JMS");
....
71. stmt = con.createStatement();
The application's actionPerformed method in VendorDel.java defines and initializes the getConnection object
at 60. This object encapsulates a limited computing resource, such as open file streams, database connections,
or network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 70 73
Code Snippet
File Name VendorDel.java
Method public void actionPerformed(ActionEvent e)
....
70. con = DriverManager.getConnection("jdbc:odbc:JMS");
....
73. stmt = con.createStatement();
The application's actionPerformed method in LoginDel.java defines and initializes the getConnection object at
58. This object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 68 72
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
68. con = DriverManager.getConnection("jdbc:odbc:JMS");
....
72. stmt = con.createStatement();
The application's InterNal method in InterNal.java defines and initializes the getConnection object at 30. This
object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 37 37
Code Snippet
File Name InterNal.java
....
37. con = DriverManager.getConnection("jdbc:odbc:JMS");
The application's actionPerformed method in CustomerDel.java defines and initializes the getConnection
object at 60. This object encapsulates a limited computing resource, such as open file streams, database
connections, or network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 70 73
Code Snippet
File Name CustomerDel.java
Method public void actionPerformed(ActionEvent e)
....
70. con = DriverManager.getConnection("jdbc:odbc:JMS");
....
73. stmt = con.createStatement();
The application's actionPerformed method in InventoryDel.java defines and initializes the getConnection
object at 60. This object encapsulates a limited computing resource, such as open file streams, database
connections, or network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 70 73
Code Snippet
File Name InventoryDel.java
Method public void actionPerformed(ActionEvent e)
....
70. con = DriverManager.getConnection("jdbc:odbc:JMS");
....
73. stmt = con.createStatement();
The application's CustomerView method in CustomerView.java defines and initializes the getConnection
object at 26. This object encapsulates a limited computing resource, such as open file streams, database
connections, or network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 31 31
Code Snippet
File Name CustomerView.java
Method public CustomerView()
....
31. con = DriverManager.getConnection("jdbc:odbc:JMS");
The application's actionPerformed method in JobCardDel.java defines and initializes the getConnection object
at 58. This object encapsulates a limited computing resource, such as open file streams, database connections,
or network streams. This resource is not properly closed and released in all situations.
Line 68 71
Code Snippet
File Name JobCardDel.java
Method public void actionPerformed(ActionEvent e)
....
68. con = DriverManager.getConnection("jdbc:odbc:JMS");
....
71. stmt = con.createStatement();
The application's Login method in Login.java defines and initializes the getConnection object at 28. This object
encapsulates a limited computing resource, such as open file streams, database connections, or network
streams. This resource is not properly closed and released in all situations.
Source Destination
Line 46 46
Code Snippet
File Name Login.java
Method public Login()
....
46. con = DriverManager.getConnection("jdbc:odbc:JMS");
Line 36 36
Code Snippet
File Name JobCardView.java
Method public JobCardView()
....
36. con = DriverManager.getConnection("jdbc:odbc:JMS");
The application's LoginAdd method in LoginAdd.java defines and initializes the getConnection object at 35.
This object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 40 40
Code Snippet
File Name LoginAdd.java
Method public LoginAdd()
....
40. con = DriverManager.getConnection("jdbc:odbc:JMS");
The application's BillingView method in BillingView.java defines and initializes the getConnection object at 26.
This object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 31 31
Code Snippet
File Name BillingView.java
Method public BillingView()
....
31. con = DriverManager.getConnection("jdbc:odbc:JMS");
The application's actionPerformed method in Inventory.java defines and initializes the getConnection object at
149. This object encapsulates a limited computing resource, such as open file streams, database connections,
or network streams. This resource is not properly closed and released in all situations.
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
167. con = DriverManager.getConnection("jdbc:odbc:JMS");
168. stmt = con.createStatement();
The application's actionPerformed method in JobCard.java defines and initializes the getConnection object at
161. This object encapsulates a limited computing resource, such as open file streams, database connections,
or network streams. This resource is not properly closed and released in all situations.
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
178. con = DriverManager.getConnection("jdbc:odbc:JMS1");
179. stmt = con.createStatement();
The application's Billing method in Billing.java defines and initializes the getConnection object at 46. This
object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 51 51
Code Snippet
File Name Billing.java
Method public Billing()
The application's InventoryView method in InventoryView.java defines and initializes the getConnection object
at 26. This object encapsulates a limited computing resource, such as open file streams, database connections,
or network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 31 31
Code Snippet
File Name InventoryView.java
Method public InventoryView()
....
31. con = DriverManager.getConnection("jdbc:odbc:JMS");
The application's VendorView method in VendorView.java defines and initializes the getConnection object at
26. This object encapsulates a limited computing resource, such as open file streams, database connections, or
network streams. This resource is not properly closed and released in all situations.
Source Destination
Line 31 31
....
31. con = DriverManager.getConnection("jdbc:odbc:JMS");
Heap Inspection
Query Path:
Java\Cx\Java Low Visibility\Heap Inspection Version:10
Categories
OWASP Top 10 2013: A6-Sensitive Data Exposure
OWASP Top 10 2021: A2-Cryptographic Failures
OWASP ASVS: V08 Data Protection
ASA Premium: ASA Premium
ASD STIG 5.2: APSC-DV-002330 - CAT II The application must protect the confidentiality and integrity of
stored information when required by DoD policy or the information owner.
Description
Heap Inspection\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=176
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Method actionPerformed at line 101 of Login.java defines SPassword, which is designated to contain user
passwords. However, while plaintext passwords are later assigned to SPassword, this variable is never cleared
from memory.
Source Destination
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
110. String SPassword = Password.getText();
Heap Inspection\Path 2:
Severity Low
Result State To Verify
Method actionPerformed at line 101 of Login.java defines dPassword, which is designated to contain user
passwords. However, while plaintext passwords are later assigned to dPassword, this variable is never cleared
from memory.
Source Destination
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
130. String dPassword = rs.getString(("Password"));
Heap Inspection\Path 3:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=178
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Method actionPerformed at line 131 of LoginAdd.java defines sPassword, which is designated to contain user
passwords. However, while plaintext passwords are later assigned to sPassword, this variable is never cleared
from memory.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
134. String sPassword = Password.getText();
Method actionPerformed at line 131 of LoginAdd.java defines sPasswordC, which is designated to contain user
passwords. However, while plaintext passwords are later assigned to sPasswordC, this variable is never cleared
from memory.
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
135. String sPasswordC = PasswordC.getText();
Heap Inspection\Path 5:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=180
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Method Login at line 28 of Login.java defines l_Password, which is designated to contain user passwords.
However, while plaintext passwords are later assigned to l_Password, this variable is never cleared from
memory.
Source Destination
Line 69 69
Code Snippet
File Name Login.java
Method public Login()
Heap Inspection\Path 6:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=181
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Method LoginAddFrame at line 47 of LoginAdd.java defines l_Password, which is designated to contain user
passwords. However, while plaintext passwords are later assigned to l_Password, this variable is never cleared
from memory.
Source Destination
Line 73 73
Code Snippet
File Name LoginAdd.java
Method public JInternalFrame LoginAddFrame(JDesktopPane desktop)
....
73. JLabel l_Password =new JLabel(" Password:");
Heap Inspection\Path 7:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=182
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Method LoginAddFrame at line 47 of LoginAdd.java defines l_PasswordC, which is designated to contain user
passwords. However, while plaintext passwords are later assigned to l_PasswordC, this variable is never cleared
from memory.
Source Destination
Line 81 81
....
81. JLabel l_PasswordC =new JLabel("Re Enter Password:");
Categories
PCI DSS v3.2.1: PCI DSS (3.2.1) - 6.5.10 - Broken authentication and session management
OWASP Top 10 2013: A2-Broken Authentication and Session Management
FISMA 2014: Media Protection
NIST SP 800-53: SC-8 Transmission Confidentiality and Integrity (P1)
OWASP Top 10 2017: A2-Broken Authentication
OWASP Top 10 2021: A4-Insecure Design
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Security Functions
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V02 Authentication
ASD STIG 5.2: APSC-DV-001740 - CAT I The application must only store cryptographic representations of
passwords.
Description
Insufficiently Protected Credentials\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=233
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
The password 101 did not used a secure scheme to store the password - this may allow attackers to retrieve it,
and use it to access authenticated resources.
Source Destination
Object rs dPassword
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
The password 101 did not used a secure scheme to store the password - this may allow attackers to retrieve it,
and use it to access authenticated resources.
Source Destination
Object rs dPassword
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
121. rs = stmt.executeQuery ( query );
....
126. while(rs.next())
....
128. String dUser = rs.getString(("User"));
....
130. String dPassword = rs.getString(("Password"));
....
135.
if((SType.equals(dType))&&(SUser.equals(dUser))&&(SPassword.equals(dPass
word)))
The password 101 did not used a secure scheme to store the password - this may allow attackers to retrieve it,
and use it to access authenticated resources.
Source Destination
Object rs dPassword
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
....
121. rs = stmt.executeQuery ( query );
....
126. while(rs.next())
....
128. String dUser = rs.getString(("User"));
....
130. String dPassword = rs.getString(("Password"));
The password 101 did not used a secure scheme to store the password - this may allow attackers to retrieve it,
and use it to access authenticated resources.
Source Destination
Object rs dPassword
Code Snippet
File Name Login.java
Method public void actionPerformed(ActionEvent e)//throws SQLException
Log Forging
Query Path:
JavaScript\Cx\JavaScript Server Side Vulnerabilities\Log Forging Version:4
Categories
FISMA 2014: System And Information Integrity
NIST SP 800-53: AU-9 Protection of Audit Information (P1)
OWASP Top 10 2017: A1-Injection
OWASP Top 10 2021: A9-Security Logging and Monitoring Failures
OWASP ASVS: V07 Error Handling and Logging
ASA Premium: ASA Premium
Description
Log Forging\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=259
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 51 51
Code Snippet
File Name terraform-examples-master/azure/azure_linux_docker_app_service/example-app/index.js
Method const requestListener = async function (req, res) {
Log Forging\Path 2:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=260
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 14 35
Code Snippet
File Name terraform-examples-
master/google_cloud/CQRS_bigquery_memorystore/functions/src/probe/index.js
Method exports.probe = async (event, ctx) => {
....
14. : event.query; // If running as http
....
13. const payload = event.data ? JSON.parse(Buffer.from(event.data,
'base64'))
....
35. console.log(`New version detected ${payload.version} writing
control`);
Log Forging\Path 3:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=261
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 14 45
Code Snippet
File Name terraform-examples-
master/google_cloud/CQRS_bigquery_memorystore/functions/src/probe/index.js
Method exports.probe = async (event, ctx) => {
....
14. : event.query; // If running as http
....
13. const payload = event.data ? JSON.parse(Buffer.from(event.data,
'base64'))
....
17. const user = `probe_${payload.version}`;
....
37. control => bigquery
....
41. user: user,
....
40. .insert([{
....
44. }]).catch(err => {
45. console.error(JSON.stringify(err));
Categories
OWASP Top 10 2021: A4-Insecure Design
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Error processing
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V14 Configuration
ASD STIG 5.2: APSC-DV-002480 - CAT II The application must not disclose unnecessary information to users.
Description
Information Exposure Through an Error Message\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=241
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 36 39
Code Snippet
File Name terraform-examples-
master/google_cloud/CQRS_bigquery_memorystore/functions/src/test/index.js
Method exports.test = async (req, res) => {
....
36. } catch (err) {
....
41. "error": err.message,
....
39. .send({
JSON Hijacking
Query Path:
JavaScript\Cx\JavaScript Server Side Vulnerabilities\JSON Hijacking Version:2
Categories
NIST SP 800-53: SC-23 Session Authenticity (P1)
Description
JSON Hijacking\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=252
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 7 5
Code Snippet
File Name terraform-examples-master/aws/aws_lambda_api/example-project/src/index.ts
Method export const handler: APIGatewayProxyHandler = () => {
....
7. body: JSON.stringify(getRandomJoke(), null, 2)
....
5. return Promise.resolve({
Categories
OWASP Top 10 2021: A7-Identification and Authentication Failures
OWASP ASVS: V14 Configuration
ASA Premium: ASA Premium
Description
Missing CSP Header\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=264
Line 5 5
Code Snippet
File Name terraform-examples-master/aws/aws_lambda_api/example-project/src/index.ts
Method export const handler: APIGatewayProxyHandler = () => {
....
5. return Promise.resolve({
Categories
OWASP Top 10 2021: A1-Broken Access Control
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Verification and representation of input data
SANS top 25: SANS top 25
CWE top 25: CWE top 25
OWASP ASVS: V13 API and Web Service
Description
Potentially Vulnerable To Csrf\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=265
Result Comment
Status New
Detection Date 8/23/2023 8:24:25 AM
Line 62 62
Code Snippet
File Name terraform-examples-master/azure/azure_linux_docker_app_service/example-app/index.js
Method async function startServer() {
....
62. const server = http.createServer(requestListener);
Categories
OWASP Top 10 2013: A9-Using Components with Known Vulnerabilities
OWASP Top 10 2017: A9-Using Components with Known Vulnerabilities
OWASP Top 10 2021: A4-Insecure Design
OWASP ASVS: V01 Architecture, Design and Threat Modeling
Description
Use of Deprecated or Obsolete Functions\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=266
Result Comment
Status New
Detection Date 8/23/2023 8:24:26 AM
Line 7 7
Code Snippet
File Name terraform-examples-master/aws/aws_reverse_proxy/lambda.tpl.js
Method const validAuthHeader = 'Basic ' + new Buffer(validCredentials).toString('base64');
....
7. const validAuthHeader = 'Basic ' + new
Buffer(validCredentials).toString('base64');
Categories
FISMA 2014: System And Communications Protection
NIST SP 800-53: SC-8 Transmission Confidentiality and Integrity (P1)
OWASP Top 10 2021: A2-Cryptographic Failures
MOIS(KISA) Secure Coding 2021: MOIS(KISA) Security Functions
SANS top 25: SANS top 25
OWASP ASVS: V09 Communication
Description
Use Of HTTP Sensitive Data Exposure\Path 1:
Severity Low
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=267
Result Comment
Status New
Detection Date 8/23/2023 8:24:26 AM
Line 62 62
Code Snippet
File Name terraform-examples-master/azure/azure_linux_docker_app_service/example-app/index.js
Method async function startServer() {
....
62. const server = http.createServer(requestListener);
Categories
OWASP Top 10 2021: A9-Security Logging and Monitoring Failures
OWASP ASVS: V07 Error Handling and Logging
Source Destination
Code Snippet
File Name Vendor.java
Method public void actionPerformed(ActionEvent e)
....
165. int result = stmt.executeUpdate ( query );
Source Destination
Code Snippet
File Name LoginAdd.java
Method public void actionPerformed(ActionEvent e)
....
148. int result = stmt.executeUpdate ( query );
Source Destination
Code Snippet
File Name JobCard.java
Method public void actionPerformed(ActionEvent e)
....
180. int result = stmt.executeUpdate ( query );
Source Destination
Code Snippet
File Name Inventory.java
Method public void actionPerformed(ActionEvent e)
....
169. int result = stmt.executeUpdate ( query );
Source Destination
Code Snippet
File Name Customer.java
Method public void actionPerformed(ActionEvent e)
....
214. int result = stmt.executeUpdate ( query );
Source Destination
Code Snippet
File Name Billing.java
Method public void actionPerformed(ActionEvent e)
....
313. int result = stmt.executeUpdate ( query );
Line 72 72
Code Snippet
File Name JobCardDel.java
Method public void actionPerformed(ActionEvent e)
....
72. int result = stmt.executeUpdate ( query );
Source Destination
Line 73 73
Code Snippet
File Name LoginDel.java
Method public void actionPerformed(ActionEvent e)
....
73. int result = stmt.executeUpdate ( query );
Source Destination
Line 74 74
Code Snippet
File Name InventoryDel.java
Method public void actionPerformed(ActionEvent e)
....
74. int result = stmt.executeUpdate ( query );
Source Destination
Line 74 74
Code Snippet
File Name VendorDel.java
Method public void actionPerformed(ActionEvent e)
....
74. int result = stmt.executeUpdate ( query );
Source Destination
Line 74 74
Code Snippet
File Name CustomerDel.java
Method public void actionPerformed(ActionEvent e)
....
74. int result = stmt.executeUpdate ( query );
Source Destination
Line 72 72
Code Snippet
File Name BillingDel.java
Method public void actionPerformed(ActionEvent e)
....
72. int result = stmt.executeUpdate ( query );
Categories
OWASP Top 10 2021: A9-Security Logging and Monitoring Failures
OWASP ASVS: V07 Error Handling and Logging
Description
Insufficient Logging of Exceptions\Path 1:
Severity Information
Result State To Verify
Online Results https://cxapactrial.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1011402&projec
tid=4262&pathid=268
Result Comment
Status New
Detection Date 8/23/2023 8:24:26 AM
Line 64 64
Code Snippet
File Name SplashScreen.java
Method public void showSplash() {
....
64. } catch (Exception e) {
SQL Injection
Risk
What might happen
An attacker could directly access all of the system's data. The attacker would likely be able to steal any sensitive
information stored by the system, including private user information, credit card details, proprietary business data, and
any other secret data. Likewise, the attacker could possibly modify or erase existing data, or even add new bogus data. In
some scenarios, it may even be possible to execute code on the database.
In addition to disclosing or altering confidential information directly, this vulnerability might also be used to achieve
secondary effects, such as bypassing authentication, subverting security checks, or forging a data trail.
Further increasing the likelihood of exploit is the fact that this flaw is easy for attackers to find, and easy to exploit.
Cause
How does it happen
The application stores and manages data in a database, by submitting a textual SQL query to the database engine for
processing. The application creates the query by simple string concatenation, embedding untrusted data. However, there
is no separation between data and code; furthermore, the embedded data is neither checked for data type validity nor
subsequently sanitized. Thus, the untrusted data could contain SQL commands, or modify the intended query. The
database would interpret the altered query and commands as if they originated from the application, and execute them
accordingly.
Note that an attacker can exploit this vulnerability either by modifying the URL, or by submitting malicious data in the
user input or other request fields.
General Recommendations
How to avoid it
Validate all untrusted data, regardless of source. Validation should be based on a whitelist: accept only data
fitting a specified structure, rather than reject bad patterns.
In particular, check for:
o Data type
o Size
o Range
o Format
o Expected values.
Java
Create SQL query using string concatenation
try {
Connection conn = getConnection();
Statement stmt = conn.createStatement();
ResultSet data = stmt.executeQuery(sql);
userId = data.getInt(1);
} catch (SQLException ex) {
handleExceptions(ex);
}
finally {
closeQuietly(data);
closeQuietly(stmt);
closeQuietly(conn);
}
return userId;
}
try {
Connection conn = getConnection();
Statement stmt = conn.createStatement();
ResultSet data = stmt.executeQuery(sql);
userId = data.getInt(1);
} catch (SQLException ex) {
handleExceptions(ex);
}
finally {
closeQuietly(data);
closeQuietly(stmt);
closeQuietly(conn);
}
return userId;
}
try {
Connection conn = getConnection();
CallableStatement stmt = conn.prepareCall(sqlStoredProc);
stmt.setString(1, userName);
stmt.registerOutParameter(2, java.sql.Types.INTEGER);
stmt.execute();
userId = stmt.getInt(2);
} catch (SQLException ex) {
handleExceptions(ex);
}
finally {
closeQuietly(stmt);
closeQuietly(conn);
}
return userId;
}
Cause
How does it happen
The application performs some action that modifies database contents, based purely on HTTP request content, and does
not require per-request renewed authentication (such as transaction authentication or a synchronizer token), instead
relying solely on session authentication. This means that an attacker could use social engineering to cause a victim to
browse to a link which contains a transaction request to the vulnerable application, submitting that request from the
user's browser. Once the application receives the request, it would trust the victim’s session, and would perform the
action. This type of attack is known as Cross-Site Request Forgery (CSRF).
A Cross-Site Request Forgery attack relies on the trust between a server and an authenticated client. By only validating
the session, the server ensures that a request has emerged from a client's web-browser. However, any website may
submit GET and POST requests to other websites, to which the browser will automatically add the session token if it is in
a cookie. This cross-site request can then be trusted as arriving from the user's browser, but does not validate that it was
their intent was to make this request.
General Recommendations
How to avoid it
Mitigating CSRF requires an additional layer of authentication that is built into the request validation mechanism. This
mechanism would attach an additional token that only applies to the given user; this token would be available within the
user's web-page, but will not be attached automatically to a request from a different website (e.g. not stored in a cookie).
Since the token is not automatically attached to the request, and is not available to the attacker, and is required by the
server to process the request, it would be completely impossible for the attacker to fill in a valid cross-site form that
contains this token.
Many platforms offer built-in CSRF mitigation functionality which should be used, and perform this type of token
management under the hood. Alternatively, use a known or trusted library which adds this functionality.
If implementing CSRF protection is required, this protection should adhere to the following rules:
Any state altering form (Create, Update, Delete operations) should enforce CSRF protection, by adding an CSRF
token to every state altering form submission on the client.
An CSRF token should be generated, and be unique per-user per-session (and, preferably, per request).
The CSRF token should be inserted into the client side form, and be submitted to the server as part of the form
request. For example, it could be a hidden field in an HTML form, or a custom header added by a Javascript
request.
The CSRF token in the request body or custom header must then be verified as belonging to the current user by
the server, before a request is authorized and processed as valid.
Java
Change E-Mail Functionality Vulnerable to XSRF, Allowing Attackers to Hijack User Accounts with the "Forgot
Password" Functionality
Change E-Mail Functionality Protected By XSRF Tokens, By Embedding Token in Form and Comparing It To a
Session Variable
Cause
How does it happen
The application accesses user information without filtering by user ID. For example, it may provide information solely by a
submitted account ID. The application uses the user input to filter specific records from database tables, which contain
sensitive personal information (e.g. user accounts or payment details). Since the application does not filter the records
according to any user identifier, nor constrain it to a pre-computed list of acceptable values, a malicious user can easily
modify the submitted reference identifier, and thus access unauthorized records.
General Recommendations
How to avoid it
Generic Guidance:
Enforce authorization checks before providing any access to sensitive data, including the specific object
reference.
Explicitly block access to any unauthorized data, especially to other users’ data.
If possible, avoid allowing the user to request arbitrary data by simply sending a record ID. For example, instead
of having the user send an account ID, the application should look up the account ID for the current
authenticated user session.
Specific Mitigation:
Filter the database query according to a user-specific identifier, such as the customer number.
Map the user input to an indirect reference, e.g. via a prepared list of allowable values.
Java
Unfiltered Direct Object Reference
Cause
How does it happen
Failure to utilize the "X-FRAME-OPTIONS" header will likely allow attackers to perform Clickjacking attacks. Properly
utilizing the "X-FRAME-OPTIONS" header would indicate to the browser to disallow embedding the web-page within a
frame, mitigating this risk, if the browser supports this header. All modern browsers support this header by default.
General Recommendations
How to avoid it
Utilize the "X-FRAME-OPTIONS" header flags according to business requirements to restrict browsers that support this
header from allowing embedding web-pages in a frame:
· "X-Frame-Options: DENY" will indicate to the browser to disallow embedding any web-page inside a frame, including
the current web-site.
· "X-Frame-Options: SAMEORIGIN" will indicate to the browser to disallow embedding any web-page inside a
frame, excluding the current web-site.
· "X-Frame-Options: ALLOW-FROM https://example.com/" will indicate to the browser to disallow embedding any web-
page inside a frame, excluding the web-site listed after the ALLOW-FROM parameter.
JavaScript
Use Helmet To Automatically Set X-Frame-Options Header
app.use(helmet.frameguard());
response.setHeader("X-Frame-Options", "DENY");
Cause
How does it happen
The application provides user information without filtering by user ID. For example, it may provide information solely by a
submitted account ID. The application concatenates the user input directly into the SQL query string, without any
additional filtering. The application also does not perform any validation on the input, nor constrain it to a pre-computed
list of acceptable values.
General Recommendations
How to avoid it
Generic Guidance:
Enforce authorization checks before providing any access to sensitive data, including the specific object
reference.
Explicitly block access to any unauthorized data, especially to other users’ data.
If possible, avoid allowing the user to request arbitrary data by simply sending a record ID. For example, instead
of having the user send an account ID, the application should look up the account ID for the current
authenticated user session.
Specific Mitigation:
Do not concatenate user input directly into SQL queries.
Include a user-specific identifier as a filter in the WHERE clause of the SQL query.
Map the user input to an indirect reference, e.g. via a prepared list of allowable values.
Java
Unfiltered Direct Object Reference
return accountRS;
}
return accountRS;
}
Cause
How does it happen
Many users browse to websites by simply typing the domain name into the address bar, without the protocol prefix. The
browser will automatically assume that the user's intended protocol is HTTP, instead of the encrypted HTTPS protocol.
When this initial request is made, an attacker can perform a Man-in-the-Middle attack and manipulate it to redirect users
to a malicious web-site of the attacker's choosing. To protect the user from such an occurence, the HTTP Strict Transport
Security (HSTS) header instructs the user's browser to disallow use of an unsecure HTTP connection to the the domain
associated with the HSTS header.
Once a browser that supports the HSTS feature has visited a web-site and the header was set, it will no longer
allow communicating with the domain over an HTTP connection.
Once an HSTS header was issued for a specific website, the browser is also instructed to prevent users from manually
overriding and accepting an untrusted SSL certificate for as long as the "max-age" value still applies. The recommended
"max-age" value is for at least one year in seconds, or 31536000.
General Recommendations
How to avoid it
Before setting the HSTS header - consider the implications it may have:
o Forcing HTTPS will prevent any future use of HTTP, which could hinder some testing
o Disabling HSTS is not trivial, as once it is disabled on the site, it must also be disabled on the browser
Set the HSTS header either explicitly within application code, or using web-server configurations.
Ensure the "max-age" value for HSTS headers is set to 31536000 to ensure HSTS is strictly enforced for at least
one year.
Include the "includeSubDomains" to maximize HSTS coverage, and ensure HSTS is enforced on all sub-domains
under the current domain
o Note that this may prevent secure browser access to any sub-domains that utilize HTTP; however, use of
HTTP is very severe and highly discouraged, even for websites that do not contain any sensitive
information, as their contents can still be tampered via Man-in-the-Middle attacks to phish users under
the HTTP domain.
Once HSTS has been enforced, submit the web-application's address to an HSTS preload list - this will ensure
that, even if a client is accessing the web-application for the first time (implying HSTS has not yet been set by the
web-application), a browser that respects the HSTS preload list would still treat the web-application as if it had
already issued an HSTS header. Note that this requires the server to have a trusted SSL certificate, and issue an
HSTS header with a maxAge of 1 year (31536000)
Note that this query is designed to return one result per application. This means that if more than one vulnerable
response without an HSTS header is identified, only the first identified instance of this issue will be highlighted as
a result. If a misconfigured instance of HSTS is identified (has a short lifespan, or is missing the
"includeSubDomains" flag), that result will be flagged. Since HSTS is required to be enforced across the entire
application to be considered a secure deployment of HSTS functionality, fixing this issue only where the query
highlights this result is likely to produce subsequent results in other sections of the application; therefore, when
adding this header via code, ensure it is uniformly deployed across the entire application. If this header is added
via configuration, ensure that this configuration applies to the entire application.
Note that misconfigured HSTS headers that do not contain the recommended max-age value of at least one year
or the "includeSubDomains" flag will still return a result for a missing HSTS header.
JavaScript
Using Helmet with Express
Using Explicit HSTS Package - Built into Helmet, So Either 'HSTS' or 'Helmet' Can Be Used
app.use(hsts({
maxAge: 31536000,
includeSubDomains: true // Also enabled by default
}))
Cause
How does it happen
The application stores and manages data in a database, by submitting a textual SQL query to the database engine for
processing. The application creates the query by simple string concatenation, embedding untrusted data. However, there
is no separation between data and code; furthermore, the embedded data is neither checked for data type validity nor
subsequently sanitized. Thus, the untrusted data could contain SQL commands, or modify the intended query. The
database would interpret the altered query and commands as if they originated from the application, and execute them
accordingly.
In this case, the attacker does not need to rely on the application returning data from the database. Instead, it is possible
to leverage existing tools that perform a series of boolean tests based on varying user input, relying only on the existence
of application errors to indicate server state. Thus, the full database content can gradually be obtained, one bit at a time.
General Recommendations
How to avoid it
Validate all untrusted data, regardless of source. Validation should be based on a whitelist: accept only data
fitting a specified structure, rather than reject bad patterns.
In particular, check for:
o Data type
o Size
o Range
o Format
o Expected values.
Restrict access to database objects and functionality, according to the Principle of Least Privilege.
Do not use dynamically concatenate strings to construct SQL queries.
Prefer using DB Stored Procedures for all data access, instead of ad-hoc dynamic queries.
Instead of unsafe string concatenation, use secure database components such as parameterized queries and
object bindings (for example, commands and parameters).
Alternatively, an even better solution is to use an ORM library, in order to pre-define and encapsulate the allowed
commands enabled for the application, instead of dynamically accessing the database directly. In this way the
code plane and data plane should be isolated from each other.
Do not allow the user to dynamically provide the name of the queried table. Furthermore, if possible, completely
avoid dynamically specifying table names.
Ensure that all exceptions are properly handled, without leaking information on the errors, server state, or that an
error occurred at all.
Data validation can be performed effectively using a secure library, such as OWASP's Encoder or ESAPI libraries.
Prefer using PreparedStatement for parameterizing the queries, or even better CallableStatement. Add
dynamic data via the .set*() methods, instead of string concatenation.
Java
Create SQL INSERT query using string concatenation
try {
Connection conn = getConnection();
Statement stmt = conn.createStatement();
rowCount = stmt.executeUpdate(sql);
} catch (SQLException ex) {
handleExceptions(ex);
}
finally {
closeQuietly(stmt);
closeQuietly(conn);
}
if (rowCount > 0)
return "Success";
else
return "Failed!";
}
Build PreparedStatement to call write-only Stored Procedure and set input to parameters
try {
Connection conn = getConnection();
CallableStatement stmt = conn.prepareCall(sqlStoredProc);
stmt.setString(1, userName);
rowCount = stmt.executeUpdate();
} catch (SQLException ex) {
handleExceptions(ex);
}
finally {
closeQuietly(stmt);
closeQuietly(conn);
}
Cause
How does it happen
String variables are immutable - in other words, once a string variable is assigned, its value cannot be changed or
removed. Thus, these strings may remain around in memory, possibly in multiple locations, for an indefinite period of
time until the garbage collector happens to remove it. Sensitive data, such as passwords, will remain exposed in memory
as plaintext with no control over their lifetime.
While it may still be possible to retrieve data from memory, even if it uses a mutable container that is cleared, or retrieve
a decryption key and decrypt sensitive data from memory - layering sensitive data with these types of protection would
significantly increase the required effort to do so. By setting a high bar for retrieving sensitive data from memory, and
reducing the amount and exposure of sensitive data in memory, an adversary is significantly less likely to succeed in
obtaining valuable data.
General Recommendations
How to avoid it
When it comes to avoiding Heap Inspection, it is important to note that, given any read access to memory or a memory
dump of an application, it is always likely to disclose some sensitive data to an adversary - these suggestions are part of
defense-in-depth principles for protection of sensitive data in cases where such memory read access is successfully
obtained. These recommendations will enable significant reduction in the lifespan and exposure of sensitive data in
memory; however - given enough time, effort and unlimited access to memory, they will only go so far in protecting
sensitive data being used by the application. The only way to handle Heap Inspection issues is to minimize and reduce
data exposure, and obscure it in memory wherever possible.
Do not store sensitive data, such as passwords or encryption keys, in memory in plain-text, even for a short
period of time.
Prefer to use specialized classes that store encrypted data in memory to ensure it cannot be trivially retrieved
from memory.
When required to use sensitive data in its raw form, temporarily store it in mutable data types, such as byte
arrays, to reduce readability from memory, and then promptly zeroize the memory locations, to reduce exposure
duration of this data while in memory.
Ensure that memory dumps are not exchanged with untrusted parties, as even by ensuring all of the above - it
may still be possible to reverse-engineer encrypted containers, or retrieve bytes of sensitive data from memory
and rebuild it.
In Java, do not store passwords in immutable strings - prefer using an encrypted memory object, such as
SealedObject.
Java
Plaintext Password in Immutable String
class Heap_Inspection_Fixed
{
private SealedObject password;
Cause
How does it happen
A logic flow in code triggers I/O and is not authorized. If an attacker can trigger it, it may leave it vulnerable to attack.
General Recommendations
How to avoid it
When logic flows are affected by user input or behavior, always ensure the user is authorized to trigger them.
Java
Writing to File Without Any Authorization Checks
Cause
How does it happen
The application code allocates resource objects, but does not ensure these are always closed and released in a timely
manner. This can include database connections, file handles, network sockets, or any other resource that needs to be
released. In some cases, these might be released - but only if everything works as planned; if there is any runtime
exception during the normal course of system operations, resources start to leak.
Note that even in managed-memory languages such as Java, these resources must be explicitly released. Many types of
resource are not released even when the Garbage Collector runs; and even if the the object would eventually release the
resource, we have no control over when the Garbage Collector does run.
General Recommendations
How to avoid it
Always close and release all resources.
Ensure resources are released (along with any other necessary cleanup) in a finally { } block. Do not close
resources in a catch { } block, since this is not ensured to be called.
Explicitly call .close() on any instance of a class that implements the Closable or AutoClosable interfaces.
Alternatively, an even better solution is to use the try-with-resources idiom, in order to automatically close any
defined AutoClosable instances.
Java
Unreleased Database Connection
Cause
How does it happen
The application handles exceptions in an insecure manner, including raw details directly in the error message. This could
occur in various ways: by not handling the exception; printing it directly to the output or file; explicitly returning the
exception object; or by configuration. These exception details may include sensitive information that could leak to the
users due to the occurrence of the runtime error.
General Recommendations
How to avoid it
Do not expose exception data directly to the output or users, instead return an informative, generic error
message. Log the exception details to a dedicated log mechanism.
Any method that could throw an exception should be wrapped in an exception handling block that:
o Explicitly handles expected exceptions.
o Includes a default solution to explicitly handle unexpected exceptions.
Configure a global handler to prevent unhandled errors from leaving the application.
Java
Handle Exception by Printing To Output
try {
callDbProc(paramValue);
} catch (SQLException ex) {
ex.printStackTrace();
}
}
Cause
How does it happen
A password was stored in plaintext, outside of a secure container such as a password hashing algorithm or data
encryption.
General Recommendations
How to avoid it
Generic Guidance:
Always use strong, modern algorithms for encryption, hashing, and so on.
Do not use weak, outdated, or obsolete algorithms.
Ensure you select the correct cryptographic mechanism according to the specific requirements.
Passwords should be protected with a dedicated password protection scheme, such as bcrypt, scrypt, PBKDF2, or
Argon2.
Specific Recommendations:
Do not use SHA-1, MD5, or any other weak hash algorithm to protect passwords or personal data. Instead, use a
stronger hash such as SHA-256 when a secure hash is required.
Do not use DES, 3DES, RC2, or any other weak encryption algorithm to protect passwords or personal data.
Instead, use a stronger encryption algorithm such as AES to protect personal data.
Do not use weak encryption modes such as ECB, or rely on insecure defaults. Explicitly specify a stronger
encryption mode, such as GCM.
For symmetric encryption, use a key length of at least 256 bits.
Java
Plaintext Database Password
return conn;
}
try {
Connection conn = DriverManager.getConnection(CONN_STRING,
user, password);
}
catch (SQLException e) {
handleException(e);
}
return conn;
}
Cause
How does it happen
The application handles exceptions in an insecure manner, including raw details directly in the error message. This could
occur in various ways: by not handling the exception; printing it directly to the output or file; explicitly returning the
exception object; or by configuration. These exception details may include sensitive information that could leak to the
users due to the occurrence of the runtime error.
General Recommendations
How to avoid it
Do not expose exception data directly to the output or users, instead return an informative, generic error
message. Log the exception details to a dedicated log mechanism.
Any method that could throw an exception should be wrapped in an exception handling block that:
o Explicitly handles expected exceptions.
o Includes a default solution to explicitly handle unexpected exceptions.
Configure a global handler to prevent unhandled errors from leaving the application.
JavaScript
Throwing Error Without Handling it
Cause
How does it happen
The following is required for the application to be vulnerable:
The application must be using cookie-based authentication
The application responds in an authenticated manner to simple GET request
This sensitive data is returned as a JSON, specifically in array form (enclosed in square [] brackets), and containing
objects inside within the array
By returning a JSON array, an attacker may create a malicious website, which incorporates a <script> tag in their page
in the following manner:
<script src="https://example.com/path/to/vulnerable/page"></script>
The browser will interpret the returned value as an object, causing it to temporarily exist in the malicious web-page's
DOM; however since this object it is not assigned or referenced, it will be ephemeral, and would normally be immediately
discarded. This is similar to any other declaration or return value without an assignment, and the malicious web-page
would be unable to reference it in any way.
To actually exploit this issue in a vulnerable browser, an attacker would have to be able to override the prototype
function for setters, which is normally restricted. If the browser is vulnerable and does allow overwriting certain core
prototypes for setters in Javascript within the web-page context, they could craft a Javascript that, once a vulnerable page
is included with the method, an object will initiate construction, trigger the overridden setter prototypes with the JSON
object's contents as values, and an attacker would then be able to access these values in the context of their malicious
web-page. From that point on - accessing them would be trivial.
General Recommendations
How to avoid it
There are multiple methods to address this issue:
Do not respond with JSON arrays as they are wrapped with square brackets, which immediately get evaluated as
objects; if required, wrap the array with an external object (e.g. {"array":[]}) or add some sort of prefix to prevent
this issue
If required, respond with JSON arrays only to POST request; ensure no sensitive information is ever returned as
an array to a GET request
Prefix the JSON object with either JavaScript (for(;;);) or an unparseable JSON ({};) , and, before processing
it on the client, strip this prefix; the latter will cause importation to fail, and the former will cause importation to
hang forever - either way, this will prevent an attacker from importing a JSON object as a script
JavaScript
JSON Array Containing Sensitive Data and Vulnerable to JSON Hijacking
* {"security_question":"Q2","security_answer":"A2"}]}, implying
it will always be formulated
* like a JSON object, not a JSON array, and would not be loaded externally
*/
res.json({"results":results});
});
} else {
res.json({"error":"Not authenticated"});
}
});
JSON Array Preceded by JavaScript That Freezes Page, Preventing Loading Array
* {"security_question":"Q2","security_answer":"A2"}]", implying
if it is loaded as an Object using
* <script src="path/to/this/JSON"></script>, an endless loop will
occur before the object is loaded
Cause
How does it happen
The application writes audit logs upon security-sensitive actions. Since the audit log includes user input that is neither
checked for data type validity nor subsequently sanitized, the input could contain false information made to look like
legitimate audit log data,
General Recommendations
How to avoid it
1. Validate all input, regardless of source. Validation should be based on a whitelist: accept only data fitting a
specified structure, rather than reject bad patterns. Check for:
o Data type
o Size
o Range
o Format
o Expected values
2. Validation is not a replacement for encoding. Fully encode all dynamic data, regardless of source, before
embedding it in logs.
3. Use a secure logging mechanism.
JavaScript
Passing Unsanitized Values to HAPI server.log()
var id = request.query["id"];
try {
var val = tryGetById(id); // Assume this throws an exception if "id" is not found
// Handle val
}
catch(err) {
server.log(['error','id'],id); // Log unsanitized values, which could also not be
sanitized downstream, and could contain CRLF
}
var id = request.query["id"];
try {
var val = tryGetById(id); // Assume this throws an exception if "id" is not found
Cause
How does it happen
The Content-Security-Policy header is used by modern browsers as an indicator for trusted sources of content, including
media, images, scripts, frames and more. If these policies are not explicitly defined, default browser behavior would
allow untrusted content.
The application creates web responses, but does not properly set a Content-Security-Policy header.
General Recommendations
How to avoid it
Explicitly set the Content-Security-Policy headers for all applicable policy types (frame, script, form, script, media, img
etc.) according to business requirements and deployment layout of external file hosting services. Specifically, do not use a
wildcard, '*', to specify these policies, as this would allow content from any external resource.
The Content-Security-Policy can be explicitly defined within web-application code, as a header managed by web-server
configurations, or within <meta> tags in the HTML <head> section.
JavaScript
Setting The CSP Header Explicitly
Cause
How does it happen
The application performs some action that modifies database contents, based purely on HTTP request content, and does
not require per-request renewed authentication (such as transaction authentication or a synchronizer token), instead
relying solely on session authentication. This means that an attacker could use social engineering to cause a victim to
browse to a link which contains a transaction request to the vulnerable application, submitting that request from the
user's browser. Once the application receives the request, it would trust the victim’s session, and would perform the
action. This type of attack is known as Cross-Site Request Forgery (CSRF).
A Cross-Site Request Forgery attack relies on the trust between a server and an authenticated client. By only validating
the session, the server ensures that a request has emerged from a client's web-browser. However, any website may
submit GET and POST requests to other websites, to which the browser will automatically add the session token if it is in
a cookie. This cross-site request can then be trusted as arriving from the user's browser, but does not validate that it was
their intent was to make this request.
In some cases, XSRF protection functionality exists in the application, but is either not implemented, or explicitly disabled.
General Recommendations
How to avoid it
Mitigating CSRF requires an additional layer of authentication that is built into the request validation mechanism. This
mechanism would attach an additional token that only applies to the given user; this token would be available within the
user's web-page, but will not be attached automatically to a request from a different website (e.g. not stored in a cookie).
Since the token is not automatically attached to the request, and is not available to the attacker, and is required by the
server to process the request, it would be completely impossible for the attacker to fill in a valid cross-site form that
contains this token.
Many platforms offer built-in CSRF mitigation functionality which should be used, and perform this type of token
management under the hood. Alternatively, use a known or trusted library which adds this functionality.
If implementing CSRF protection is required, this protection should adhere to the following rules:
Any state altering form (Create, Update, Delete operations) should enforce CSRF protection, by adding an CSRF
token to every state altering form submission on the client.
An CSRF token should be generated, and be unique per-user per-session (and, preferably, per request).
The CSRF token should be inserted into the client side form, and be submitted to the server as part of the form
request. For example, it could be a hidden field in an HTML form, or a custom header added by a Javascript
request.
The CSRF token in the request body or custom header must then be verified as belonging to the current user by
the server, before a request is authorized and processed as valid.
Always rely on best practices when using XSRF protection - always enable built-in functionality or available libraries
where possible.
When using application-wide XSRF protection, never explicitly disable or subvert XSRF protection for specific functionality
unless said functionality has been thoroughly verified to not require XSRF protection.
// If the _csrf token in the request body is not equal to the synchronizer token, the POST
request will be rejected, and this method will not trigger
app.post('/profile/email/edit', (req, res) => {
// Authenticate user session
// Update email address
}
Cause
How does it happen
The application references code elements that have been declared as deprecated. This could include classes, functions,
methods, properties, modules, or obsolete library versions that are either out of date by version, or have been entirely
deprecated. It is likely that the code that references the obsolete element was developed before it was declared as
obsolete, and in the meantime the referenced code was updated.
General Recommendations
How to avoid it
Always prefer to use the most updated versions of libraries, packages, and other dependancies.
Do not use or reference any class, method, function, property, or other element that has been declared
deprecated.
JavaScript
Using a Deprecated Call to createClient
Cause
How does it happen
The web-server created uses HTTP without any TLS encryption.
General Recommendations
How to avoid it
Never transmit sensitive information in plain-text
Always ensure connections, particularly over untrusted networks, are protected by well-configured TLS
JavaScript
Configuring an HTTP Server
Cause
How does it happen
Error's stack trace is not fully printed.
General Recommendations
How to avoid it
Use a centralized logging mechanism that supports multiple levels of detail.Be sure to set the level of logging
appropriately in a production environment. Sufficient data should be logged to enable system administrators to detect
attacks, diagnose errors, and recover from attacks.
Java
Print Stack Trace
Log Error
Operation
Applicable Platforms
Languages
Language-independent
Common Consequences
Scope Effect
Likelihood of Exploit
Medium
Demonstrative Examples
Example 1
The example below shows a configuration for the service security audit feature in the
Windows Communication Foundation (WCF).
(Bad Code)
Example Language: XML
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="NewBehavior">
<serviceSecurityAudit auditLogLocation="Default"
suppressAuditFailure="false"
serviceAuthorizationAuditLevel="None"
messageAuthenticationAuditLevel="None" />
...
</system.serviceModel>
The previous configuration file has effectively disabled the recording of security-critical
events, which would force the administrator to look to other sources during debug or
recovery efforts.
Logging failed authentication attempts can warn administrators of potential brute force
attacks. Similarly, logging successful authentication events can provide a useful audit
trail when a legitimate account is compromised. The following configuration shows
appropriate settings, assuming that the site does not have excessive traffic, which could
fill the logs if there are a large number of success or failure events (CWE-779).
(Good Code)
Example Language: XML
CVE-2007-3730 default configuration for POP server does not log source IP or
username for login attempts
CVE-2007-1225 proxy does not log requests without "http://" in the URL,
allowing web surfers to access restricted web content without
detection
CVE-2003-1566 web server does not log requests for a non-standard request
type
Potential Mitigations
Phase: Architecture and Design
Use a centralized logging mechanism that supports multiple levels of detail. Ensure that all security-related successes and failures
can be logged.
Phase: Operation
Be sure to set the level of logging appropriately in a production environment. Sufficient data should be logged to enable system
administrators to detect attacks, diagnose errors, and recover from attacks. At the same time, logging too much data (CWE-779)
can cause the same problems.
Relationships
Nature Type ID Name View(s) this
relationship pertains
to
ChildOf Weakness Base 223 Omission of Security- Development
relevant Information Concepts
(primary)699
Research Concepts
(primary)1000
ChildOf Category 254 Security Features Development
Concepts699
ChildOf Weakness Class 693 Protection Mechanism Research Concepts1000
Failure
Content History
Submissions
Submission Date Submitter Organization Source
2009-07-02 Internal CWE Team
Contributions
Contribution Date Contributor Organization Source
2009-07-02 Fortify Software Content
Provided code example and additional information for description and consequences.
BACK TO TOP