Code Review

A classic SQL injection vulnerability in a login function that allows attackers to bypass authentication.

User input is reflected back in the page without proper sanitization, allowing script injection.

Direct object reference allows accessing other users' profiles by changing the ID parameter.

Server-side request forgery through unvalidated URL fetching for link previews.

Using MD5 for password hashing provides inadequate security against modern attacks.

User input is passed directly to system commands without sanitization.

File path from user input allows directory traversal to access unauthorized files.

JWT verification accepts "none" algorithm, allowing tokens to be forged.

Dynamic column sorting vulnerable to SQL injection through ORDER BY clause.

Stored input is later used unsafely in a different query context.

User comments are stored and displayed to all users without sanitization.

Client-side JavaScript processes URL fragment unsafely.

Image proxy fetches user-provided URLs without validation.

API endpoint exposes internal object IDs without access control.

XML External Entity vulnerability allowing file disclosure through unsafe XML parsing.

Directory traversal vulnerability allowing unauthorized file access through path manipulation.

Unvalidated redirect vulnerability allowing phishing attacks through malicious URLs.

Predictable session token generation using weak random number generator.

Insecure deserialization allowing arbitrary code execution through crafted pickle payloads.

Advanced SSRF attack using DNS rebinding to bypass IP-based blocklists.

Authorization bypass by modifying JWT claims when signature is not properly validated.

Simple command injection through unsanitized user input in shell commands.

Bypassing weak command injection filters using encoding and alternative syntax.

Incomplete path sanitization that can be bypassed with double encoding or nested sequences.

Bypassing path traversal filters using double URL encoding.