WORKTERRAProject Type: software

WORKTERRA

Uploaded image for project: 'WORKTERRA'
  1. WORKTERRA
  2. WT-3873

Verify OR logical condition with single quote for SQL Injection

    Details

    • Type: Enhancement
    • Status: Closed
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: BenAdmin
    • Labels:
      None
    • Module:
      BenAdmin - Security
    • Reported by:
      Support
    • Item State:
      Production Complete - Closed

      Description

      We need to verify OR condition for SQL injection. Scenario which was tried to save is as mentioned below-

      asdf' OR '1'='1

      We have verified OR with single quote and at least one space before and after OR.

        Attachments

        1. image006.png
          image006.png
          0.7 kB
        2. WT-3873.doc
          268 kB

          Activity

          Transition Time In Source Status Execution Times
          Vijayendra Shinde (Inactive) made transition -
          New Request Pending for Approval
          		26m 52s 1
          Vijayendra Shinde (Inactive) made transition -
          Pending for Approval Approved for Development
          		2s 1
          Vijayendra Shinde (Inactive) made transition -
          Approved for Development In Development
          		7s 1
          Rakesh Roy (Inactive) made transition -
          In LB Testing Reopen in Local
          		32d 17h 27m 2
          Rakesh Roy (Inactive) made transition -
          Reopen in Local In Development
          		20d 1h 24m 2
          Rakesh Roy (Inactive) made transition -
          In Development In LB Testing
          		2d 2h 19m 3
          Rakesh Roy (Inactive) made transition -
          In LB Testing Pending for Stage Approval
          		3s 1
          Rakesh Roy (Inactive) made transition -
          Pending for Stage Approval Approved for Stage
          		3s 1
          Rakesh Roy (Inactive) made transition -
          Approved for Stage Stage Testing
          		3s 1
          Rakesh Roy (Inactive) made transition -
          Stage Testing Pending for Production Approval
          		4s 1
          Rakesh Roy (Inactive) made transition -
          Pending for Production Approval Approved for production
          		4s 1
          Rakesh Roy (Inactive) made transition -
          Approved for production In Production Testing
          		7s 1
          Rakesh Roy (Inactive) made transition -
          In Production Testing Production Complete
          		49d 1h 24m 1
          Prasad Pise (Inactive) made transition -
          Production Complete Closed
          		90d 4h 58m 1

            People

            Assignee:
            prasadp Prasad Pise (Inactive)
            Reporter:
            vijayendra Vijayendra Shinde (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: