Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding vuln sqlquery #1

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

Adding vuln sqlquery #1

wants to merge 12 commits into from

Conversation

anita-stanisz-sonarsource
Copy link
Owner

No description provided.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 24, 2022
View reviewed changes
@sonarcloudsquad1
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@sonarqubecloud
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 28, 2022
View reviewed changes
@sonarcloudsquad1
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 29, 2022
View reviewed changes
@sonarcloudsquad1
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 30, 2022
View reviewed changes
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 8, 2022

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 8, 2022
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 20, 2022
View reviewed changes
@sonarcloudsquad1
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 12, 2022
View reviewed changes
@sonarcloudsquad4
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 18, 2022
View reviewed changes
@sonarcloudsquad4
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 19, 2022
View reviewed changes
@sonarcloudsquad4
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

1 similar comment
@sonarcloudsquad4
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 22, 2022
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 22, 2022
View reviewed changes
@sonarcloudsquad4
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 24, 2023
View reviewed changes
@sonarcloudsquad3
Copy link

sonarcloudsquad3 bot commented Jan 24, 2023
edited
Loading

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 26, 2023
View reviewed changes
@sonarqube-cloud-dev
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability E 2 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 27, 2023
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 12, 2024
View reviewed changes
@sonarqube-cloud-staging SonarQube Cloud - staging
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 12, 2024
View reviewed changes
sqlquery.php
{
$userId = $request->get('id');
$sql = "SELECT email FROM user WHERE id='$userId'";
$statement = $this->connection->prepare($sql);

Check failure

Code scanning / SonarCloudsquad-3

Database queries should not be vulnerable to injection attacks

<!--SONAR_ISSUE_KEY:AZMgbSb4CUazj6Lf4GVT-->Change this code to not construct SQL queries directly from user-controlled data. <p>See more on <a href="https://squad-3-core.sc-dev.io/project/issues?id=anita-stanisz-sonarsource_security-vulns-nodejs&issues=AZMgbSb4CUazj6Lf4GVT&open=AZMgbSb4CUazj6Lf4GVT&pullRequest=1">SonarQube Cloud</a></p>
sqlquery.php
{
$userId = $request->get('name');
$sql = "SELECT username FROM user WHERE id='$userId'";
$statement = $this->connection->prepare($sql);

Check failure

Code scanning / SonarCloudsquad-3

Database queries should not be vulnerable to injection attacks

<!--SONAR_ISSUE_KEY:AZMgbSb4CUazj6Lf4GVU-->Change this code to not construct SQL queries directly from user-controlled data. <p>See more on <a href="https://squad-3-core.sc-dev.io/project/issues?id=anita-stanisz-sonarsource_security-vulns-nodejs&issues=AZMgbSb4CUazj6Lf4GVU&open=AZMgbSb4CUazj6Lf4GVU&pullRequest=1">SonarQube Cloud</a></p>
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 12, 2024
View reviewed changes
@sonarqube-cloud-staging SonarQube Cloud - staging
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 12, 2024
View reviewed changes
sqlquery.php
{
$userId = $request->get('id');
$sql = "SELECT email FROM user WHERE id='$userId'";
$statement = $this->connection->prepare($sql);

Check failure

Code scanning / SonarCloudStaging

Database queries should not be vulnerable to injection attacks High

Change this code to not construct SQL queries directly from user-controlled data. See more on SonarQube Cloud
sqlquery.php
{
$userId = $request->get('name');
$sql = "SELECT username FROM user WHERE id='$userId'";
$statement = $this->connection->prepare($sql);

Check failure

Code scanning / SonarCloudStaging

Database queries should not be vulnerable to injection attacks High

Change this code to not construct SQL queries directly from user-controlled data. See more on SonarQube Cloud
@sonarqube-cloud-dev SonarQube Cloud Dev
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 14, 2024
View reviewed changes
sqlquery.php
{
$userId = $request->get('id');
$sql = "SELECT email FROM user WHERE id='$userId'";
$statement = $this->connection->prepare($sql);

Check failure

Code scanning / SonarCloudDev

Database queries should not be vulnerable to injection attacks High

Change this code to not construct SQL queries directly from user-controlled data. See more on SonarQube Cloud
sqlquery.php
{
$userId = $request->get('name');
$sql = "SELECT username FROM user WHERE id='$userId'";
$statement = $this->connection->prepare($sql);

Check failure

Code scanning / SonarCloudDev

Database queries should not be vulnerable to injection attacks High

Change this code to not construct SQL queries directly from user-controlled data. See more on SonarQube Cloud
@sonarcloudsquad1 SonarCloudSquad1
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

1 similar comment
@sonarcloudsquad1 SonarCloudSquad1
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 21, 2024
View reviewed changes
@sonarcloudsquad1 SonarCloudSquad1
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 29, 2024
View reviewed changes
@sonarcloudsquad1 SonarCloudSquad1
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
4 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 29, 2024
View reviewed changes
@sonarcloudsquad1 SonarCloudSquad1
Copy link

Quality Gate Passed Quality Gate passed

Issues
2 New issues
2 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sonarclouddev6 SonarCloudDev6
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarqube-cloud-staging SonarQube Cloud - staging
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarcloudsquad2 SonarCloudSquad2
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
1 New issue
3 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sonarcloudsquad6 SonarCloudSquad6
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarcloudsquad4 SonarCloudSquad4
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarqube-cloud-dev SonarQube Cloud Dev
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarcloudsquad3 SonarCloudSquad3
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarclouddev6 SonarCloudDev6
Copy link

sonarclouddev6 bot commented Dec 4, 2024
edited
Loading

Quality Gate Passed Quality Gate passed

Issues
0 New issues
4 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sonarclouddev6 SonarCloudDev6
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

1 similar comment
@sonarclouddev6 SonarCloudDev6
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anita-stanisz-sonarsource @christophe-havard-sonarsource