GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2025-12-27 14:54:05 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

vault backup: 2022-09-08 11:53:36

Browse Source
This commit is contained in:
Jet Hughes 2022-09-08 11:53:36 +12:00
parent 1df6f9343f
commit 7242b1cf5b
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
content/notes/ass01-security-audit.md
View File

@ -33,5 +33,8 @@ Jet Hughes - 9474308
- e.g. '; update PRODUCT set DESCRIPTION = '<script>alert("hello")</script>' where PRODUCT_ID = 67696;--
## Path traversal
- I dont think there are any path traversal flaws in this website. This is because there isn't any urls which contain queryies or
## Network-Level security
- when a user logs in a post request to the server transmits the username and unhashed password to the server. This informaiton is susceptible to a man in the middle attack or
![example payload](https://i.imgur.com/9Tn6gx1.png)
## Other