Merge pull request #3212 from zapbot/wavsep

kingthorin · web-flow · commit 21cb01208cd0 · 2025-08-27T16:37:47.000-04:00
Updated WAVSEP Results
diff --git a/site/data/scans/wavsep/sqli-get-200-err.yml b/site/data/scans/wavsep/sqli-get-200-err.yml
@@ -33,13 +33,13 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Error/Case11-InjectionInView-Date-PermissionBypass-With200Errors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Error/Case12-InjectionInSearch-Date-UnionExploit-With200Errors.jsp
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Error/Case13-InjectionInCalc-Date-BooleanExploit-With200Errors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Error/Case14-InjectionInUpdate-Date-CommandInjection-With200Errors.jsp
   result: Pass
   rule: 40018
@@ -48,7 +48,7 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Error/Case16-InjectionInView-NumericWithoutQuotes-PermissionBypass-With200Errors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Error/Case17-InjectionInSearch-NumericWithoutQuotes-UnionExploit-With200Errors.jsp
   result: Pass
   rule: 40018
diff --git a/site/data/scans/wavsep/sqli-get-200-valid.yml b/site/data/scans/wavsep/sqli-get-200-valid.yml
@@ -26,17 +26,17 @@ details:
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case09-InjectionInUpdate-Numeric-CommandInjection-WithDifferent200Responses.jsp
-  result: Pass
-  rule: 40019
+  result: FAIL
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case10-InjectionInSearchOrderBy-Numeric-BinaryDeliberateRuntimeError-WithDifferent200Responses.jsp
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case11-InjectionInView-Date-PermissionBypass-WithDifferent200Responses.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case12-InjectionInSearch-Date-UnionExploit-WithDifferent200Responses.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case13-InjectionInCalc-Date-BooleanExploit-WithDifferent200Responses.jsp
   result: Pass
   rule: 40018
@@ -48,17 +48,17 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case16-InjectionInView-NumericWithoutQuotes-PermissionBypass-WithDifferent200Responses.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case17-InjectionInSearch-NumericWithoutQuotes-UnionExploit-WithDifferent200Responses.jsp
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case18-InjectionInCalc-NumericWithoutQuotes-BooleanExploit-WithDifferent200Responses.jsp
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-200Valid/Case19-InjectionInUpdate-NumericWithoutQuotes-CommandInjection-WithDifferent200Responses.jsp
-  result: Pass
-  rule: 40019
+  result: FAIL
+  rule: 40018
 tests: 19
-passes: 18
-fails: 1
-score: 95%
+passes: 16
+fails: 3
+score: 84%
diff --git a/site/data/scans/wavsep/sqli-get-500-err.yml b/site/data/scans/wavsep/sqli-get-500-err.yml
@@ -27,19 +27,19 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case09-InjectionInUpdate-Numeric-CommandInjection-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case10-InjectionInSearchOrderBy-Numeric-BinaryDeliberateRuntimeError-WithErrors.jsp
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case11-InjectionInView-Date-PermissionBypass-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case12-InjectionInSearch-Date-UnionExploit-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case13-InjectionInCalc-Date-BooleanExploit-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case14-InjectionInUpdate-Date-CommandInjection-WithErrors.jsp
   result: Pass
   rule: 40018
@@ -57,7 +57,7 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-GET-500Error/Case19-InjectionInUpdate-NumericWithoutQuotes-CommandInjection-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 tests: 19
 passes: 19
 fails: 0
diff --git a/site/data/scans/wavsep/sqli-post-200-err.yml b/site/data/scans/wavsep/sqli-post-200-err.yml
@@ -21,7 +21,7 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Error/Case07-InjectionInSearch-Numeric-UnionExploit-With200Errors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Error/Case08-InjectionInCalc-Numeric-BooleanExploit-With200Errors.jsp
   result: Pass
   rule: 40018
@@ -33,10 +33,10 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Error/Case11-InjectionInView-Date-PermissionBypass-With200Errors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Error/Case12-InjectionInSearch-Date-UnionExploit-With200Errors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Error/Case13-InjectionInCalc-Date-BooleanExploit-With200Errors.jsp
   result: Pass
   rule: 40018
diff --git a/site/data/scans/wavsep/sqli-post-200-valid.yml b/site/data/scans/wavsep/sqli-post-200-valid.yml
@@ -26,8 +26,8 @@ details:
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Valid/Case09-InjectionInUpdate-Numeric-CommandInjection-WithDifferent200Responses.jsp
-  result: Pass
-  rule: 40019
+  result: FAIL
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Valid/Case10-InjectionInSearchOrderBy-Numeric-BinaryDeliberateRuntimeError-WithDifferent200Responses.jsp
   result: Pass
   rule: 40018
@@ -36,10 +36,10 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Valid/Case12-InjectionInSearch-Date-UnionExploit-WithDifferent200Responses.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Valid/Case13-InjectionInCalc-Date-BooleanExploit-WithDifferent200Responses.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Valid/Case14-InjectionInUpdate-Date-CommandInjection-WithDifferent200Responses.jsp
   result: Pass
   rule: 40018
@@ -56,9 +56,9 @@ details:
   result: Pass
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-200Valid/Case19-InjectionInUpdate-NumericWithoutQuotes-CommandInjection-WithDifferent200Responses.jsp
-  result: Pass
-  rule: 40019
+  result: FAIL
+  rule: 40018
 tests: 19
-passes: 18
-fails: 1
-score: 95%
+passes: 16
+fails: 3
+score: 84%
diff --git a/site/data/scans/wavsep/sqli-post-500-err.yml b/site/data/scans/wavsep/sqli-post-500-err.yml
@@ -36,10 +36,10 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case12-InjectionInSearch-Date-UnionExploit-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case13-InjectionInCalc-Date-BooleanExploit-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case14-InjectionInUpdate-Date-CommandInjection-WithErrors.jsp
   result: Pass
   rule: 40018
@@ -48,7 +48,7 @@ details:
   rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case16-InjectionInView-NumericWithoutQuotes-PermissionBypass-WithErrors.jsp
   result: Pass
-  rule: 40019
+  rule: 40018
 - path: http://127.0.0.1:8080/wavsep/active/SQL-Injection/SInjection-Detection-Evaluation-POST-500Error/Case17-InjectionInSearch-NumericWithoutQuotes-UnionExploit-WithErrors.jsp
   result: Pass
   rule: 40018
diff --git a/site/data/scans/wavsep/totals.yml b/site/data/scans/wavsep/totals.yml
@@ -1,4 +1,4 @@
 tests: 1048
-passes: 1007
-fails: 41
+passes: 1003
+fails: 45
 score: 96%
