Expand Up @@ -6,6 +6,7 @@

package org.cysecurity.cspf.jvl.controller;

import java.sql.PreparedStatement;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
Expand Down Expand Up @@ -48,8 +49,9 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
if(con!=null && !con.isClosed())
{
ResultSet rs=null;
Statement stmt = con.createStatement();
rs=stmt.executeQuery("select * from users where username='"+user+"' and password='"+pass+"'");
PreparedStatement stmt = con.prepareStatement("select * from users where username='"+user+"' and password=?");
stmt.setString(1, pass);
rs=stmt.executeQuery();
if(rs != null && rs.next()){
HttpSession session=request.getSession();
session.setAttribute("isLoggedIn", "1");
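Review bot: The new prepared statement at `rs=stmt.executeQuery()` still concatenates `user` into the SQL text, so the login query remains injectable through the username even though the password is now bound; a `' OR '1'='1'-- ` style username bypasses the password check entirely. Bind both values: `PreparedStatement stmt = con.prepareStatement("select * from users where username=? and password=?");` `stmt.setString(1, user);` `stmt.setString(2, pass);`. The password is also compared as a plaintext column value, which this change leaves as is; unless that is an intentional lab case, store and verify a salted hash instead. processRequest starts and ends outside the hunk, and the file name is not visible in this chunk.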
Expand Up @@ -55,7 +55,7 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
{

Statement stmt = con.createStatement();
stmt.executeUpdate("INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values ('"+user+"','"+pass+"','"+email+"','"+about+"','default.jpg','user',1,'"+secret+"')");
stmt.executeUpdate("INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values ('"+user+"',"+stmt.enquoteLiteral(String.valueOf(pass))+",'"+email+"','"+about+"','default.jpg','user',1,'"+secret+"')");
stmt.executeUpdate("INSERT into UserMessages(recipient, sender, subject, msg) values ('"+user+"','admin','Hi','Hi<br/> This is admin of this page. <br/> Welcome to Our Forum')");

response.sendRedirect("index.jsp");
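Review bot: `stmt.enquoteLiteral` now protects only `pass` in the users INSERT; `user`, `email`, `about` and `secret` are still concatenated into that statement and `user` again into the UserMessages INSERT on the next line, so the registration handler stays injectable. `enquoteLiteral` is also a JDBC 4.3 (Java 9) default method on Statement that a driver may leave unimplemented and throw SQLFeatureNotSupportedException for, so it is a weaker choice than binding. Replace both statements with prepared statements and bind every user-supplied value; this needs `java.sql.PreparedStatement` imported, which this hunk does not show. The existing `String.valueOf(pass)` suggests `pass` may not be a String — its declaration is outside the hunk, so the sketch below keeps that conversion. The enclosing processRequest starts and ends outside the hunk.
```java
PreparedStatement insertUser = con.prepareStatement(
    "INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values (?,?,?,?,'default.jpg','user',1,?)");
insertUser.setString(1, user);
insertUser.setString(2, String.valueOf(pass));
insertUser.setString(3, email);
insertUser.setString(4, about);
insertUser.setString(5, secret);
insertUser.executeUpdate();
PreparedStatement welcome = con.prepareStatement(
    "INSERT into UserMessages(recipient, sender, subject, msg) values (?,'admin','Hi','Hi<br/> This is admin of this page. <br/> Welcome to Our Forum')");
welcome.setString(1, user);
welcome.executeUpdate();
// … unchanged: response.sendRedirect("index.jsp") …
```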
6 changes: 4 additions & 2 deletions src/main/java/org/cysecurity/cspf/jvl/controller/sqs.java
@@ -1,5 +1,6 @@
package messageQ;

import java.sql.PreparedStatement;
import com.amazonaws.services.sqs.AmazonSQSClientBuilder;
import com.amazonaws.services.sqs.model.AmazonSQSException;
import com.amazonaws.services.sqs.model.SendMessageBatchRequest;
Expand Down Expand Up @@ -33,8 +34,9 @@ List<Message> read(){
String getId(string data){
try{
Connection con=DriverManager.getConnection("jdbc:mysql://db.com:3306/core", USER, PASS);
Statement stmt = con.createStatement();
rs = stmt.executeQuery("SELECT id FROM t where data = '" + data + "'");
PreparedStatement stmt = con.prepareStatement("SELECT id FROM t where data = ?");
stmt.setString(1, data);
rs = stmt.executeQuery();
return rs.getString("Id");
} catch (Exception exc){
//
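Review bot: The Connection and the new PreparedStatement in getId are never closed on either the success or the exception path, so every call leaks a JDBC connection, and `rs.getString("Id")` on the line after the new `rs = stmt.executeQuery();` runs without `rs.next()`, so it throws on every call and the failure disappears into the empty catch. Wrap the connection and statement in try-with-resources and advance the cursor before reading, as sketched below; returning null for an empty result is a behaviour choice the caller must agree with. `rs` is assigned without a declaration, so it appears to be a field; the sketch keeps that assignment, but it should probably become a local so the ResultSet is not shared across calls. The `string data` parameter type and the hard-coded `db.com` DSN with `USER`/`PASS` are context lines outside this change, and the try block continues past the hunk.
```java
try (Connection con = DriverManager.getConnection("jdbc:mysql://db.com:3306/core", USER, PASS);
     PreparedStatement stmt = con.prepareStatement("SELECT id FROM t where data = ?")) {
    stmt.setString(1, data);
    rs = stmt.executeQuery();
    return rs.next() ? rs.getString("Id") : null;
} catch (Exception exc) {
    // … unchanged: existing handler …
```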
40 changes: 23 additions & 17 deletions src/main/webapp/admin/manageusers.jsp
@@ -1,27 +1,33 @@
<%@ include file="/header.jsp" %>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.SQLException"%>
<%@page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%@page import="java.sql.Connection"%>

<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
Statement stmt = con.createStatement();
if(request.getParameter("delete")!=null)
{
String user=request.getParameter("user");
stmt.executeUpdate("Delete from users where username='"+user+"'");
}
%>
<form action="manageusers.jsp" method="POST">
<%
ResultSet rs=stmt.executeQuery("select * from users where privilege='user'");
while(rs.next())
{
out.print("<input type='radio' name='user' value='"+rs.getString("username")+"'/> "+rs.getString("username")+"<br/>");
}
%>
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
PreparedStatement pstmt = null;
ResultSet rs = null;
if(request.getParameter("delete")!=null)
{
String user=request.getParameter("user");
String query = "Delete from users where username=?";
pstmt = con.prepareStatement(query);
pstmt.setString(1, user);
pstmt.executeUpdate();
}
%>
<form action="manageusers.jsp" method="POST">
<%
String query = "select * from users where privilege='user'";
pstmt = con.prepareStatement(query);
rs = pstmt.executeQuery();
while(rs.next())
{
out.print("<input type='radio' name='user' value='"+rs.getString("username")+"'/> "+rs.getString("username")+"<br/>");
}
%>
<br/>
<input type="submit" value="Delete" name="delete"/>

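Review bot: Nothing in the rebuilt page checks that the caller is an administrator before `pstmt.executeUpdate()` deletes the user named in the POST; the only gate visible is whatever `/header.jsp` does, so unless that include enforces the admin role, any visitor — or any third-party site via a cross-site form POST, since there is no CSRF token — can delete accounts. Guard the delete branch on the session explicitly, e.g. `if(session.getAttribute("isLoggedIn")!=null && "admin".equals(session.getAttribute("privilege")) && request.getParameter("delete")!=null)` — the `privilege` attribute name is a guess, as the column exists in the schema but how it reaches the session is not visible here. The usernames are also printed into a single-quoted `value='…'` attribute unescaped, so a name containing `'` breaks out of the attribute; HTML-encode it before output. `pstmt` is reassigned for the second query without closing the first and `con` is never closed; try-with-resources around each statement and result set would fix the leak.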
61 changes: 27 additions & 34 deletions src/main/webapp/changeCardDetails.jsp
@@ -1,11 +1,5 @@
<%@ include file="/header.jsp" %>
<%@page import="java.sql.Connection"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.SQLException"%>

<%@page import="java.sql.ResultSetMetaData"%>
<%@page import="java.sql.ResultSet"%>
<%@ page import="java.util.*,java.io.*"%>
<%@ page import="java.sql.Connection,java.sql.PreparedStatement,java.sql.SQLException"%>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>


Expand All @@ -24,38 +18,37 @@ if(session.getAttribute("isLoggedIn")!=null)
</form>
<br/>
<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));

String id=session.getAttribute("userid").toString(); //Gets User ID
String action=request.getParameter("action");
try
{

if(action!=null && action.equalsIgnoreCase("add") )
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
String id=session.getAttribute("userid").toString(); //Gets User ID
String action=request.getParameter("action");
try
{

String cardno=request.getParameter("cardno");
String cvv=request.getParameter("cvv");
String expirydate=request.getParameter("expirydate");
if(!cardno.equals("") && !cvv.equals("") && !expirydate.equals(""))
{
Statement stmt = con.createStatement();
stmt.executeUpdate("INSERT into cards(id,cardno, cvv,expirydate) values ('"+id+"','"+cardno+"','"+cvv+"','"+expirydate+"')");
out.print("<b style='color:green'> * Card details added *</b>");
}
else
if(action!=null && action.equalsIgnoreCase("add") )
{
out.print("<b style='color:red'>* Please Fill all the details * </b>");
String cardno=request.getParameter("cardno");
String cvv=request.getParameter("cvv");
String expirydate=request.getParameter("expirydate");
if(!cardno.equals("") && !cvv.equals("") && !expirydate.equals(""))
{
PreparedStatement pstmt = con.prepareStatement("INSERT into cards(id,cardno, cvv,expirydate) values (?,?,?,?)");
pstmt.setString(1, id);
pstmt.setString(2, cardno);
pstmt.setString(3, cvv);
pstmt.setString(4, expirydate);
pstmt.executeUpdate();
out.print("<b style='color:green'> * Card details added *</b>");
}
else
{
out.print("<b style='color:red'>* Please Fill all the details * </b>");
}
}
out.print("<br/><br/><a href='"+path+"/myprofile.jsp?id="+id+"'>Return to Profile Page &gt;&gt;</a>");
}

out.print("<br/><br/><a href='"+path+"/myprofile.jsp?id="+id+"'>Return to Profile Page &gt;&gt;</a>");

catch(SQLException e)
{
out.print(e);
}
catch(Exception e)
{
out.print(e);
}
}
else
{
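Review bot: The new PreparedStatement in the add branch is never closed, and `con` opened at the top of the block is not closed either, so each card submission leaks a statement and a connection; wrap it as `try (PreparedStatement pstmt = con.prepareStatement("INSERT into cards(id,cardno, cvv,expirydate) values (?,?,?,?)")) { … }` and close the connection in a finally. The catch blocks below print the raw exception (`out.print(e)`) into the page, which exposes driver and schema details to the user; log it server-side and show a generic message instead. Separately, the row stores the card number and CVV in clear text; unless this is an intentional lab case, the CVV must not be persisted at all and the PAN should be tokenized or encrypted at rest. The `cardno.equals("")` style checks also throw NullPointerException when a field is absent from the request rather than reporting the missing field.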
75 changes: 32 additions & 43 deletions src/main/webapp/vulnerability/DisplayMessage.jsp
@@ -1,46 +1,35 @@
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.Connection"%>
<%@ include file="/header.jsp" %>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%
if(session.getAttribute("isLoggedIn")!=null)
{
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
if(con!=null && !con.isClosed())
{
if(request.getParameter("msgid")!=null)
{
Statement stmt = con.createStatement();
ResultSet rs =null;
rs=stmt.executeQuery("select * from UserMessages where msgid="+request.getParameter("msgid"));
if(rs.next())
{
out.print("<b>Sender:</b> "+rs.getString("sender"));
out.print("<br/><b>Subject:</b>"+rs.getString("subject"));
out.print("<br/><b>Message:</b> <br/>"+rs.getString("msg"));
}
else
{
out.print("No Message Found");
}
}
else
{
out.print("Message Id Parameter is missing");

}
out.print("<br/><br/><a href='"+path+"/vulnerability/Messages.jsp'>Return to Messages &gt;&gt;</a>");

out.print("<br/><br/><a href='"+path+"/myprofile.jsp?id="+session.getAttribute("userid")+"'>Return to Profile Page &gt;&gt;</a>");

}

}
else
{
out.print("<span style='color:red'>* Please login to send message</span>");
}
%>

<%@ include file="/footer.jsp" %>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%
if(session.getAttribute("isLoggedIn")!=null) {
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
if(con!=null && !con.isClosed()) {
if(request.getParameter("msgid")!=null) {
PreparedStatement pstmt = con.prepareStatement("select * from UserMessages where msgid=?");
pstmt.setString(1, request.getParameter("msgid"));
ResultSet rs =null;
rs=pstmt.executeQuery();
if(rs.next()) {
out.print("<b>Sender:</b> "+rs.getString("sender"));
out.print("<br/><b>Subject:</b>"+rs.getString("subject"));
out.print("<br/><b>Message:</b> <br/>"+rs.getString("msg"));
}
else {
out.print("No Message Found");
}
}
else {
out.print("Message Id Parameter is missing");
}
out.print("<br/><br/><a href='"+path+"/vulnerability/Messages.jsp'>Return to Messages &gt;&gt;</a>");
out.print("<br/><br/><a href='"+path+"/myprofile.jsp?id="+session.getAttribute("userid")+"'>Return to Profile Page &gt;&gt;</a>");
}
}
else {
out.print("<span style='color:red'>* Please login to send message</span>");
}
%>
<%@ include file="/footer.jsp" %>
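Review bot: The parameterized query `select * from UserMessages where msgid=?` still lets any logged-in user read any message by guessing an id, because the WHERE clause does not tie the row to the session user even though the session holds one (`session.getAttribute("userid")` is read a few lines later). Unless this page is meant to stay an intentional IDOR exercise, restrict the lookup: `prepareStatement("select * from UserMessages where msgid=? and recipient=?")` and bind `String.valueOf(session.getAttribute("user"))` as the second parameter — the registration INSERT elsewhere in this commit writes the username into `recipient`, and `user` is the session key UserDetails.jsp compares against a username. `msgid` was compared as a bare numeric literal before and is now bound with `setString`, so the driver is relied on to coerce it; parsing it with `Integer.parseInt` and binding with `setInt` makes a malformed id fail closed. `sender`, `subject` and `msg` are also written to the page unescaped, which for user-authored messages is stored XSS, though the admin welcome text deliberately contains HTML so any encoding change must account for that.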
59 changes: 28 additions & 31 deletions src/main/webapp/vulnerability/UserDetails.jsp
@@ -1,34 +1,31 @@
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.Connection"%>
<%@ include file="/header.jsp" %>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
String username=request.getParameter("username");
if(username!=null && !username.equals(""))
{
Statement stmt = con.createStatement();
ResultSet rs =null;
rs=stmt.executeQuery("select * from users where username='"+username+"'");
if(rs != null && rs.next())
{
out.print("<br>About "+rs.getString("username")+": <br>"+rs.getString("about"));

}

if(session.getAttribute("isLoggedIn")!=null && !session.getAttribute("user").equals(username))
{
out.print("<br/><br/>");
out.print("<a href='SendMessage.jsp?recipient="+username+"'>Send Message to "+username+"</a>");
}
}
else
{
out.print("Username Parameter is Missing");
}

out.print("<br/><br/><a href='forum.jsp'>Return to Forum &gt;&gt;</a>");
%>

<%@ include file="/footer.jsp" %>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
String username=request.getParameter("username");
if(username!=null && !username.equals(""))
{
PreparedStatement pstmt = con.prepareStatement("select * from users where username=?");
pstmt.setString(1, username);
ResultSet rs =null;
rs=pstmt.executeQuery();
if(rs != null && rs.next())
{
out.print("<br>About "+rs.getString("username")+": <br>"+rs.getString("about"));
}
if(session.getAttribute("isLoggedIn")!=null && !session.getAttribute("user").equals(username))
{
out.print("<br/><br/>");
out.print("<a href='SendMessage.jsp?recipient="+username+"'>Send Message to "+username+"</a>");
}
}
else
{
out.print("Username Parameter is Missing");
}
out.print("<br/><br/><a href='forum.jsp'>Return to Forum &gt;&gt;</a>");
%>
<%@ include file="/footer.jsp" %>
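Review bot: The `username` request parameter is now bound in the query but is still written back into the page three times unescaped — as text, inside the single-quoted `href='SendMessage.jsp?recipient=…'` and as link text — so a crafted `?username=` value is reflected XSS, and `rs.getString("about")` is stored XSS from user-controlled profile text. HTML-encode every value before `out.print` and URL-encode the query-string piece, e.g. `java.net.URLEncoder.encode(username, "UTF-8")` for the `recipient` parameter; a replace of `&`, `<`, `>`, `"` and `'` suffices for the text positions if no encoding library is on the classpath. `pstmt`, `rs` and `con` are never closed on this page; try-with-resources around the statement and result set would close them on both paths. The `isLoggedIn` gate wraps only the Send Message link, so the profile lookup itself is deliberately anonymous — worth a comment if that is by design.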
52 changes: 25 additions & 27 deletions src/main/webapp/vulnerability/forumposts.jsp
@@ -1,30 +1,28 @@
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.Connection"%>
<%@ include file="/header.jsp" %>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));

String postid=request.getParameter("postid");
if(postid!=null)
{
Statement stmt = con.createStatement();
ResultSet rs =null;
rs=stmt.executeQuery("select * from posts where postid="+postid);
if(rs != null && rs.next())
{
out.print("<b style='font-size:22px'>Title:"+rs.getString("title")+"</b>");
out.print("<br/>- Posted By "+rs.getString("user"));
out.print("<br/><br/>Content:<br/>"+rs.getString("content"));
}
}
else
{
out.print("ID Parameter is Missing");
}

out.print("<br/><br/><a href='forum.jsp'>Return to Forum &gt;&gt;</a>");
%>

<%@ include file="/footer.jsp" %>
<%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%>
<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
String postid=request.getParameter("postid");
if(postid!=null)
{
PreparedStatement pstmt = con.prepareStatement("select * from posts where postid=?");
pstmt.setString(1, postid);
ResultSet rs =null;
rs=pstmt.executeQuery();
if(rs != null && rs.next())
{
out.print("<b style='font-size:22px'>Title:"+rs.getString("title")+"</b>");
out.print("<br/>- Posted By "+rs.getString("user"));
out.print("<br/><br/>Content:<br/>"+rs.getString("content"));
}
}
else
{
out.print("ID Parameter is Missing");
}
out.print("<br/><br/><a href='forum.jsp'>Return to Forum &gt;&gt;</a>");
%>
<%@ include file="/footer.jsp" %>
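Review bot: `postid` was interpolated as a bare numeric literal in the old query and is now bound with `setString`, so the comparison depends on the driver's implicit string-to-number coercion; parse it up front and bind the number so a non-numeric id is rejected instead of coerced: `int id = Integer.parseInt(postid);` then `pstmt.setInt(1, id);`, with a NumberFormatException catch that prints the same kind of message as the existing "ID Parameter is Missing" branch. The `title`, `user` and `content` columns are printed unescaped; if posts are user-authored (the `user` column suggests so) that is stored XSS, so HTML-encode them before `out.print`. `pstmt`, `rs` and `con` are never closed — wrap the statement and result set in try-with-resources and close the connection in a finally.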