cybersecurity

3231 readers

10 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

[email protected]

CVE Report for Damn Vulnerable Web Application (DVWA) (nvd.nist.gov)

submitted 1 year ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

In case you need a quick laugh, have a look at this CVE report.

For context: quote DVWA Repo:

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, [...].

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 1 year ago (2 children)

Saved you a click:

REJECTED CVE has been marked "REJECT" in the CVE List. These CVEs are stored in the NVD, but do not show up in search results.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Originally was:

"DVWA v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at blind\source\high.php."

Source report: https://github.com/KLSEHB/vulnerability-report/blob/c1f3f27286e435d1bd5893a5fea2ffbe9fb55cbd/Dvwa_vulnerability

[–] [email protected] 1 points 1 year ago

I thought this would be visible with my link. Specifically shared the "show changes" Link but that doesn't seem to work.