1 parent b9ec2c3 commit d443eb3
README.md
@@ -1,10 +1,11 @@
1
# hackable
2
-A python flask app that is purposfully vulnerable to SQL injection attacks
+A python flask app that is purposfully vulnerable to SQL injection and XSS attacks
3
4
# How to run
5
Just `cd` into the hackable folder and type into the termnial `python main.py`
6
7
# Notes
8
* test.sql is just there to help to visualize what is happening with sql queries during the demo
9
* Commands For Sqlite Hack.txt is there to show the sql statements used during the demo and explain them
10
-* makeDB.py is the python script used to create and put the initial data in sample.db (The Database)
+* The search page is vulnerable to SQL injections
11
+* The add items page is vulnerable to XSS
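Review bot: the Notes list drops the makeDB.py bullet (old line 10) and nothing replaces it, so the README no longer says how sample.db is created and seeded; keep that bullet and append the two new ones after it. On the changed line 2, "purposfully" should be "purposefully" since the line is being rewritten anyway. The two new bullets would also be more useful if they named the route or template behind the search page and the add items page, so someone following the demo can find the vulnerable code.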