Dashboard
Resources
Pricing
Discover
Directory
Log in
QuackatronHQ
/
Gigarepo
Active
Overview
Issues
Metrics
History
All
Severity
Sort
All issues
85
All issues
85
Recommended
78
Secrets
0
Bug Risk
4
Anti-pattern
0
Security
81
Performance
0
Typecheck
0
Coverage
0
Style
0
Documentation
0
XML parsing may be vulnerable to XXE attacks
JS-D022
Security
Major
2 months ago
—
2 years old
Seen in 1 file
1
Bind to all interfaces
GSC-G102
Security
Major
2 months ago
—
2 years old
Seen in 1 file
1
Audit required: Risk of possible SQL injection vector through string-based query construction
BAN-B608
Security
Major
2 months ago
—
2 years old
Seen in 1 file
1
Use of both safe and unsafe HTTP methods for a view
PY-S6007
Security
Major
2 months ago
—
2 years old
Seen in 1 file
1
Audit required: Insecurely generated random number
CS-A1008
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Filesystem related permissions specified are too broad
CS-S1000
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Audit required: Sensitive cookie without
HttpOnly
attribute
PHP-A1003
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Audit required: Use of an insecure hashing function
PHP-A1004
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Audit required: Sensitive cookie without
secure
attribute
PHP-A1005
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Directory created with insecure permissions
PHP-A1006
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Audit required: Presence of debug function found
PHP-A1012
Security
Critical
2 months ago
—
2 years old
Seen in 14 files
63
Servlets should not use mutable fields without synchronization
JAVA-E0128
Bug risk
Critical
2 months ago
—
2 years old
Seen in 1 file
3
Overly permissive CORS policies are a security risk
JAVA-S1000
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Cookies must not be insecure
JAVA-S1003
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
1
Unsafe permissions set on a file
JS-D017
Security
Major
2 months ago
—
2 years old
Seen in 1 file
2
Getter and setter method synchronization does not match
JAVA-E1074
Bug risk
Major
2 months ago
—
2 years old
Seen in 1 file
1
Use
net.JoinHostPort
instead of
fmt.Sprintf(...)
GO-S1027
Security
Major
2 months ago
—
2 years old
Seen in 1 file
1
Audit: Including request data within HTML response strings may lead to XSS attacks
JAVA-A1035
Security
Critical
2 months ago
—
2 years old
Seen in 1 file
3