
Vulnerability Report


Section 1. Summary of Findings

During this scan, SWAAT examined 1 file(s), containing a total of 74 line(s).


Risk Level    Number of findings
High          3
Medium        6
Low           0



Section 2. Detailed Findings

High Risk Findings


Finding Name: system
Severity of Finding: High

Description

This function should never take unchecked user input as a parameter. Reasons for this vary, but it might be the case that, for instance, it is evaluated by the language environment or by an external program such as a shell.

Finding Locations

  • In C:\server\tests.php, line 67 (context is system($_GET['cmd_tp1']); /* true */)
  • In C:\server\tests.php, line 68 (context is system(htmlentities($_GET['cmd_tp2'])); /* true */)
  • In C:\server\tests.php, line 69 (context is system(escapeshellcmd($_GET['cmd_fp1'])); /* false */)

Medium Risk Findings

Finding Name: SELECT * FROM bar WHERE barianInt =
Severity of Finding: Medium

Description

This string appears to be an SQL statement. Carefully scrutinize all SQL statements to ensure that they are not vulnerable to SQL injection attacks. Use mitigation techniques such as filtering for known-good characters and using prepared statements.

Finding Locations

  • In C:\server\tests.php, line 30 (context is $r2 = mysql_query("SELECT * FROM bar WHERE barianInt = ". (int)$_GET['sql_fp1']); /* false */)

Finding Name: SELECT * FROM bar WHERE barianStr = '
Severity of Finding: Medium

Description

This string appears to be an SQL statement. Carefully scrutinize all SQL statements to ensure that they are not vulnerable to SQL injection attacks. Use mitigation techniques such as filtering for known-good characters and using prepared statements.

Finding Locations

  • In C:\server\tests.php, line 28 (context is $r1 = mysql_query("SELECT * FROM bar WHERE barianStr = '". $_GET['sql_tp1'] ."' "); /* true */)
  • In C:\server\tests.php, line 29 (context is $r2 = mysql_query("SELECT * FROM bar WHERE barianStr = '". (string)$_GET['sql_tp2'] . "' "); /* true */)
  • In C:\server\tests.php, line 31 (context is $r3 = mysql_query("SELECT * FROM bar WHERE barianStr = '". mysql_real_escape_string($_GET['sql_fp2']) . "' "); /* false */)

Finding Name: testpass
Severity of Finding: Medium

Description

There appears to be some text that may indicate security-sensitive functionality. Ensure you track any variables or function calls here during manual source code review.

Finding Locations

  • In C:\server\tests.php, line 15 (context is $db = mysql_connect("localhost", "testuser","testpass");)

Finding Name: testuser
Severity of Finding: Medium

Description

There appears to be some text that may indicate security-sensitive functionality. Ensure you track any variables or function calls here during manual source code review.

Finding Locations

  • In C:\server\tests.php, line 15 (context is $db = mysql_connect("localhost", "testuser","testpass");)


Low Risk Findings


Section 3. Files Searched

  • C:\server\tests.php