Hello,
I noticed an unsafe usage of SQL queries in tests/local_api.py line 37. The query coming from the user is executed without any prior sanitization, which may lead to SQL Injection attacks.
I also noticed the comment at the top of the page: "A really basic, insecure API server for the sqlite database", so I guess you are aware of this issue. But at the same time, the code deployed at http://code.minnpost.com/election-night-api/ seems to be vulnerable. I tried the typical "asdasd' or 1==1 -- " vector and it worked (I did not investigate any further). So you might consider taking some measures to prevent attacks.
Cheers!
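As an added illustration (not code from the election-night-api project or from the reporter), the string-formatting pattern the report describes beside its parameterized replacement, run against a constructed in-memory SQLite table. The table name, columns and rows are assumptions made for the demo; the only input used is the vector quoted in the report.

```python
import sqlite3

# Constructed sample data; the real project's schema is not shown on the page.
SAMPLE_ROWS = [("Alice", "mayor"), ("Bob", "council")]


def make_db():
    """Build a throwaway in-memory database with a small candidates table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE candidates (name TEXT, office TEXT)")
    conn.executemany("INSERT INTO candidates VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def lookup_unsafe(conn, name):
    """Vulnerable pattern: user input is spliced into the SQL text itself."""
    sql = "SELECT name, office FROM candidates WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    """Fixed pattern: a bound parameter is always treated as data, never as SQL."""
    sql = "SELECT name, office FROM candidates WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def demo():
    """Run both lookups with the vector from the report and return the rows each yields."""
    conn = make_db()
    payload = "asdasd' or 1==1 -- "  # SQLite accepts '==' as equality and '--' as a comment
    return {
        "unsafe": lookup_unsafe(conn, payload),  # every row comes back
        "safe": lookup_safe(conn, payload),      # no candidate has that literal name
    }
```

The fix is parameter binding rather than input "sanitization": the driver sends the value separately from the statement, so quotes and comment markers in it have no syntactic effect.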