DevSecOps-AppSec · souro1212 · Aug 21, 2025 · Aug 21, 2025 · Aug 21, 2025 · Aug 21, 2025
diff --git a/routes.py b/routes.py
@@ -36,7 +36,7 @@ def login():
             db = get_db()
 
             # Intentionally vulnerable to SQL Injection in the username field
-            query = f"SELECT * FROM users WHERE username = '{username}' AND password = '{hashed_password}'"
+            query = f"SELECT * FROM users WHERE username = '{username}' AND password = '{hashed_password}' "
             print(f"Executing SQL Query: {query}")  # Debug the SQL query being executed
 
             result = db.execute(query).fetchone()
@@ -81,19 +81,19 @@ def search_user():
             elif 'delete_user' in request.form:
                 # Delete user
                 user_id = request.form.get('user_id_to_delete')
-                admin_user = db.execute("SELECT * FROM users WHERE id = ? AND username = 'admin'", (user_id,)).fetchone()
+                admin_user = db.execute("SELECT * FROM users WHERE id = ? AND username = 'admin' ", (user_id,)).fetchone()
                 if admin_user:
                     flash("Cannot delete the admin user!")
                 else:
-                    db.execute("DELETE FROM users WHERE id = ?", (user_id,))
+                    db.execute("DELETE FROM users WHERE id = ? ", (user_id,))
                     db.commit()
                     flash("User deleted successfully!")
 
             else:
                 # Search user by ID
                 user_id = request.form.get('user_id')
                 try:
-                    query = f"SELECT * FROM users WHERE id = {user_id}"
+                    query = f"SELECT * FROM users WHERE id = {user_id} "
                     print(f"Executing SQL Query: {query}")
                     result = db.execute(query).fetchall()
                     if result:
@@ -235,4 +235,4 @@ def create_ticket():
 
     @app.route('/admin/tickets')
     def view_tickets():
-        return render_template('admin_tickets.html', tickets=tickets)
+        return render_template('admin_tickets.html', tickets=tickets)
diff --git a/templates/xss_demo.html b/templates/xss_demo.html
@@ -60,12 +60,12 @@ <h1 class="text-center mb-4">XSS Vulnerability Demonstration</h1>
     <script>
       // DOM-based XSS demo: directly evaluate hash content
       if (location.hash) {
-        const payload = decodeURIComponent(location.hash.slice(1));
+        const data = decodeURIComponent(location.hash.slice(1));
         // Intentionally using eval for demonstration
-        eval(payload);
+        eval(data);
       }
     </script>
     <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
     <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.5.2/dist/js/bootstrap.bundle.min.js"></script>
   </body>
-</html>
+</html>