48.json

{
    "file_path": "security_data/gpt3_security_vulnerability_scanner-main/SQL Injection/SQLi.cs",
    "vulnerability": "Vulnerabilities Detected:\n1. SQL Injection: The code is vulnerable to SQL injection attacks due to the use of user-supplied input in the SQL query without proper sanitization.",
    "source code": "using Microsoft.AspNetCore.Mvc;\nusing Microsoft.Extensions.Logging;\nusing System;\nusing System.Data.SqlClient;\n\nnamespace WebFox.Controllers\n{\n    [ApiController]\n    [Route(\"[controller]\")]\n    public class Sqli : ControllerBase\n    {\n\n        private readonly ILogger<Sqli> _logger;\n\n        public Sqli(ILogger<Sqli> logger)\n        {\n            _logger = logger;\n        }\n\n\n        [HttpGet(\"{id}\")]\n        public string DoSqli(string id)\n        {\n            string conString = \"I AM a connection String\";\n            using (SqlCommand cmd = new SqlCommand(\"SELECT * FROM users WHERE userId = '\" + id + \"'\"))\n            {\n                using (SqlConnection con = new SqlConnection(conString))\n                {\n                    con.Open();\n                    cmd.Connection = con;\n                    SqlDataReader reader = cmd.ExecuteReader();\n                    string res = \"\";\n                    while (reader.Read())\n                    {\n                        res += reader[\"userName\"];\n                    }\n                    return res;\n                }\n            }\n        }\n    }\n}",
    "language": "csharp",
    "cwe_identifier": [
        "CWE-89"
    ],
    "pattern_desc": [
        "Dynamic SQL queries constructed from sanitized input can lead to SQL Injection.\n"
    ],
    "line_number": [
        25
    ],
    "line_text": [
        "            using (SqlCommand cmd = new SqlCommand(\"SELECT * FROM users WHERE userId = '\" + id + \"'\"))"
    ],
    "pattern_id": [
        "insecure_code_detector.rules.semgrep.csharp.third-party.sql-injection"
    ],
    "rule": [
        null
    ],
    "label": 1
}