vb_3845's Issues
CX Hardcoded_password_in_Connection_String @ VB_3845_112_lines/encode.frm [master]
Hardcoded_password_in_Connection_String issue exists @ VB_3845_112_lines/encode.frm in branch master
Similarity Id: 1613817459
Severity: Medium
CWE:547
Vulnerability details and guidance
Lines: 67
conn.Open "connection string"
CX SQL_Injection @ encode.frm [master]
SQL_Injection issue exists @ encode.frm in branch master
Method cmdUnsafe_Click at line 34 of encode.frm gets user input from the text element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in a database query in method cmdUnsafe_Click at line 34 of encode.frm. This may enable an SQL Injection attack.
Severity: High
CWE:89
Vulnerability details and guidance
user_name = txtUserName.Text
password = txtPassword.Text
CX SQL_Injection @ /encode.frm [master]
SQL_Injection issue exists @ /encode.frm in branch master
Similarity Id: 1197064592
Severity: HIGH
CWE:89
Vulnerability details and guidance
Lines: 41 42
CX Hardcoded_password_in_Connection_String @ /encode.frm [master]
Hardcoded_password_in_Connection_String issue exists @ /encode.frm in branch master
Similarity Id: -626598861
Severity: MEDIUM
CWE:547
Vulnerability details and guidance
Lines: 67
CX SQL_Injection @ SQL_Injection/CURSOR/ref_cursor.pls [master]
SQL_Injection issue exists @ SQL_Injection/CURSOR/ref_cursor.pls in branch master
Similarity Id: 392555577
Severity: High
CWE:89
Vulnerability details and guidance
Lines: 1
CREATE OR REPLACE PROCEDURE GET_OWNER (P_OBJNM VARCHAR) IS
CX SQL_Injection @ SQL_Injection/DBMS_SQL/test.pls [master]
SQL_Injection issue exists @ SQL_Injection/DBMS_SQL/test.pls in branch master
Similarity Id: -836721838, -775161003, 456162259, 983648529
Severity: High
CWE:89
Vulnerability details and guidance
Lines: 66 12
procedure set_output_table(name_string in varchar2) is
procedure set_output_table_synonym(name_string in varchar2) is
CX SQL_Injection @ VB_3845_112_lines/encode.frm [master]
SQL_Injection issue exists @ VB_3845_112_lines/encode.frm in branch master
Similarity Id: -1269824577
Severity: High
CWE:89
Vulnerability details and guidance
Lines: 42
password = txtPassword.Text
CX Hardcoded_password_in_Connection_String @ encode.frm [master]
Hardcoded_password_in_Connection_String issue exists @ encode.frm in branch master
The application contains hardcoded connection details, "connection string", at line 1 of encode.frm. This connection string contains a hardcoded password, which is used in System.Data.SqlClient at line 1 of encode.frm to connect to a database server with open. This can expose the database password, and impede proper password management.
Severity: Medium
CWE:547
Vulnerability details and guidance
Lines: 67
conn.Open "connection string"
CX Privacy_Violation @ VB_3845_112_lines/encode.frm [master]
Privacy_Violation issue exists @ VB_3845_112_lines/encode.frm in branch master
Similarity Id: 2038636427, -603017501
Severity: Medium
CWE:359
Vulnerability details and guidance
Lines: 42 11
password = txtPassword.Text
password = Replace$(txtPassword.Text, "'", "''")
CX Privacy_Violation @ /encode.frm [master]
Privacy_Violation issue exists @ /encode.frm in branch master
Similarity Id: 1944286477
Severity: MEDIUM
CWE:359
Vulnerability details and guidance
Lines: 42 11
CX SQL_Injection @ SQL_Injection/EXECUTE_IMMEDIATE/execute.pls [master]
SQL_Injection issue exists @ SQL_Injection/EXECUTE_IMMEDIATE/execute.pls in branch master
Similarity Id: 2106809557
Severity: High
CWE:89
Vulnerability details and guidance
Lines: 1
CREATE OR REPLACE PROCEDURE SP_ProductSearch(Prodname IN VARCHAR2) AS
CX SQL_Injection @ SQL_Injection/EXECUTE_IMMEDIATE/tcp.pls [master]
SQL_Injection issue exists @ SQL_Injection/EXECUTE_IMMEDIATE/tcp.pls in branch master
Similarity Id: -2013539329
Severity: High
CWE:89
Vulnerability details and guidance
Lines: 10
utl_tcp.read_text(cp, data, 256);
CX Privacy_Violation @ encode.frm [master]
Privacy_Violation issue exists @ encode.frm in branch master
Method cmdSafe_Click at line 3 of encode.frm sends user information outside the application. This may constitute a Privacy Violation.
Severity: Medium
CWE:359
Vulnerability details and guidance
password = txtPassword.Text
password = Replace$(txtPassword.Text, "'", "''")
CX Command_Injection @ HighRisk/Command_Injection.bas [master]
Command_Injection issue exists @ HighRisk/Command_Injection.bas in branch master
Similarity Id: 1488024225
Severity: High
CWE:77
Vulnerability details and guidance
Lines: 6
str = window.Text()