You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Method Order_Show at line 314 of /BookDetail.cs gets user input from element Value. This input is used by the application, without being validated, to filter personal records from sensitive database tables. Method Order_Show submits a query to the database Fill, at line 323 of /BookDetail.cs, without any additional filtering by the database. This could allow the user to choose different records based on the id.
Result #1: Severity: MEDIUM State: TO_VERIFY Status: RECURRENT Attack Vector:
Checkmarx (SAST): DB_Parameter_Tampering
Security Issue: Read More about DB_Parameter_Tampering
Applications: test_App
Checkmarx Project: apcxtest/test-repo-pub2
Repository URL: https://github.com/apcxtest/test-repo-pub2
Branch: main
Scan ID: 5072abd4-8e3e-49e3-b1b5-44426e72387c
Method Order_Show at line 314 of /BookDetail.cs gets user input from element Value. This input is used by the application, without being validated, to filter personal records from sensitive database tables. Method Order_Show submits a query to the database Fill, at line 323 of /BookDetail.cs, without any additional filtering by the database. This could allow the user to choose different records based on the id.
Result #1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Value: /BookDetail.cs[314,60]
2. ToSQL: /BookDetail.cs[314,37]
3. sWhere: /BookDetail.cs[314,3]
4. sWhere: /BookDetail.cs[318,49]
5. sSQL: /BookDetail.cs[318,10]
6. sSQL: /BookDetail.cs[319,53]
7. OleDbDataAdapter: /BookDetail.cs[319,32]
8. dsCommand: /BookDetail.cs[319,20]
9. dsCommand: /BookDetail.cs[323,7]
10. Fill: /BookDetail.cs[323,17]
Review result in Checkmarx One: DB_Parameter_Tampering
The text was updated successfully, but these errors were encountered: