GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2025-12-27 14:54:05 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity
fc61997665
quartz/content/notes/ass01-security-audit.md
Jet Hughes fc61997665 vault backup: 2022-09-05 12:56:17
2022-09-05 12:56:18 +12:00

464 B
Raw Blame History

title aliases tags
ass01-security-audit
assignment
comp210

Jet Hughes - 9474308

Summary of system

  • function
  • technology

Flaws

Password policy

  • must have at least 5 characters and one digit.
    • not suffiecient

SQL Injection

  • can log in to admin using username: " 'or 1=1;--"
  • we are able to extract data which is displayed as the users username

Javascript Injection

Path traversal

Network-Level security

Other