
Security Testing: Secure Code Review

  • carocsteads
  • Sep 17, 2025
  • 3 min read

Updated: Sep 17, 2025


1. Objective

The objective of this document is to outline the secure code review process performed during a mock interview. It aims to identify vulnerabilities and security flaws within the provided code and to recommend remediation strategies.


2. Vulnerable eCommerce application, full source code


3. Step by step code review

3.1 Hardcoded credentials and DB configuration

a) Why is it a vulnerability?

Hardcoded credentials are leaked through source control: anyone with access to the repository has full database access.

b) What is the impact?

Database compromise: data theft, modification, or deletion.

c) What is the mitigation?

Use a secure credentials store or environment variables. Never hardcode secrets in source code.
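The following is an added example, not code from the reviewed application (whose source is not reproduced on this page, so its language is unknown; Python is used here). It shows the remediation in working form: the DB configuration is assembled from environment variables, with no built-in default password, so a missing secret fails closed instead of quietly falling back to a literal in code. The variable names and the `find_hardcoded_secrets` reviewer aid are constructed for the example.

```python
import os
import re
from dataclasses import dataclass


class MissingSecretError(RuntimeError):
    """Raised when a required setting is absent, so the app fails closed."""


@dataclass(frozen=True)
class DbConfig:
    host: str
    port: int
    user: str
    password: str
    name: str


# Hypothetical variable names; a real deployment would choose its own.
REQUIRED_VARS = ("DB_HOST", "DB_USER", "DB_PASSWORD", "DB_NAME")


def load_db_config(env=None):
    """Build the DB configuration from environment variables, not from literals.

    `env` is any mapping (defaults to os.environ). There is deliberately no
    fallback password: a "default" credential in code is still a hardcoded
    credential, so a missing value raises instead.
    """
    env = os.environ if env is None else env
    missing = [k for k in REQUIRED_VARS if not env.get(k)]
    if missing:
        raise MissingSecretError("missing required settings: " + ", ".join(missing))
    port_raw = env.get("DB_PORT", "5432")
    if not port_raw.isdigit() or not 1 <= int(port_raw) <= 65535:
        raise ValueError("DB_PORT must be an integer between 1 and 65535")
    return DbConfig(
        host=env["DB_HOST"],
        port=int(port_raw),
        user=env["DB_USER"],
        password=env["DB_PASSWORD"],
        name=env["DB_NAME"],
    )


def describe(cfg):
    """Log-safe description of the connection: the password never appears."""
    return f"{cfg.user}@{cfg.host}:{cfg.port}/{cfg.name}"


# Reviewer aid (constructed): flag assignments of a string literal to a
# variable whose name suggests a secret. A heuristic, not a full scanner.
SECRET_ASSIGNMENT = re.compile(
    r"""(?i)\b(\w*(?:password|passwd|pwd|secret|api[_-]?key|token))\s*[=:]\s*["'][^"']+["']"""
)


def find_hardcoded_secrets(source):
    """Return (line_number, variable_name) for each suspicious literal assignment."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        match = SECRET_ASSIGNMENT.search(line)
        if match:
            hits.append((lineno, match.group(1)))
    return hits


# Constructed sample source text showing the smell the review flagged.
SAMPLE_SOURCE = """\
DB_HOST = "db.internal"
DB_PASSWORD = "hunter2"
api_key = 'abc123'
timeout = 30
"""
```

`find_hardcoded_secrets(SAMPLE_SOURCE)` reports lines 2 and 3; the same loop can be pointed at a repository checkout before a review to find candidates for the secrets store.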


3.2 Login function

a) Why is it a vulnerability?

The first vulnerability is SQL injection (SQLi): user input is concatenated directly into the SQL queries, so an attacker can alter the query and bypass the login check.

The second vulnerability is weak hashing (MD5). MD5 is deprecated, cryptographically broken, fast, predictable (the same input always gives the same hash), and vulnerable to collisions. Attackers can recover passwords from leaked hashes and craft inputs that hash to the same value.

b) What is the impact?

The impact of the SQLi is authentication bypass and alteration of sensitive data. The impact of the weak hashing is that account passwords can be cracked easily.

c) What is the mitigation?

Use prepared statements (parameterized queries) and a modern, slow password-hashing algorithm such as bcrypt.
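Below is an added example (not the reviewed application's code) that places the flagged login pattern next to the remediated one. It assumes an in-memory SQLite table with constructed rows. PBKDF2-HMAC-SHA256 from the standard library stands in for bcrypt, which would need a third-party package; both are salted, deliberately slow hashes, which is the property MD5 lacks.

```python
import hashlib
import hmac
import os
import sqlite3

# In-memory SQLite stands in for the shop's database; the rows are constructed.
conn = sqlite3.connect(":memory:")
conn.execute(
    "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pw_hash TEXT)"
)

# Iteration count OWASP currently recommends for PBKDF2-HMAC-SHA256.
PBKDF2_ITERATIONS = 600_000


def hash_password(password, salt=None):
    """Salted, iterated hash; the encoded string carries what verify needs."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password, encoded):
    algo, iterations, salt_hex, dk_hex = encoded.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(dk.hex(), dk_hex)


def register(username, password):
    conn.execute(
        "INSERT INTO users (username, pw_hash) VALUES (?, ?)",
        (username, hash_password(password)),
    )
    return conn.execute("SELECT id FROM users WHERE username = ?", (username,)).fetchone()[0]


def login_vulnerable(username, password):
    """The reviewed pattern: input spliced into SQL text, password compared as MD5."""
    md5 = hashlib.md5(password.encode("utf-8")).hexdigest()
    query = f"SELECT id FROM users WHERE username = '{username}' AND pw_hash = '{md5}'"
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_secure(username, password):
    """Remediated: a bound parameter is data, never SQL; the hash is slow and salted."""
    row = conn.execute(
        "SELECT id, pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        return None
    return row[0] if verify_password(password, row[1]) else None
```

A username containing an SQL comment sequence makes `login_vulnerable` skip the password clause entirely; passed as a bound parameter, the same string is just a username that does not exist.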


3.3 Add product function

a) Why is it a vulnerability?

The first vulnerability is SQLi: user input is concatenated directly into the SQL queries, so an attacker can inject SQL that modifies the data.

The second vulnerability is missing input validation: there are no length limits on the text fields and no validation of the price value. Unsanitized user input can lead to XSS.

b) What is the impact?

The impact of SQLi includes data leakage, data corruption, and database compromise. Without input validation, attackers can inject JavaScript that runs in other users' browsers (XSS) and submit malformed input that causes application crashes and DoS.

c) What is the mitigation?

Validate and sanitize user input, escape output to prevent XSS, and use prepared statements.
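The following added example (not the application's code) implements the validation the review asks for on the add-product form: length limits on the text fields, a price that must be a finite positive decimal with at most two places, and HTML escaping applied at output time. The limits and field names are constructed assumptions; the parameterized `INSERT` is the same pattern as any other bound query and is left out to keep the focus on validation.

```python
import html
from decimal import Decimal, InvalidOperation

NAME_MAX = 100            # limits are constructed for the example
DESCRIPTION_MAX = 1000
PRICE_MAX = Decimal("100000.00")


class ValidationError(ValueError):
    pass


def _clean_text(value, field, max_len, min_len=1, single_line=True):
    if not isinstance(value, str):
        raise ValidationError(f"{field} must be a string")
    value = value.strip()
    if not min_len <= len(value) <= max_len:
        raise ValidationError(f"{field} must be {min_len}-{max_len} characters")
    forbidden = "\x00\r\n" if single_line else "\x00"
    if any(ch in value for ch in forbidden):
        raise ValidationError(f"{field} contains control characters")
    return value


def _clean_price(value):
    try:
        price = Decimal(str(value).strip())
    except InvalidOperation:
        raise ValidationError("price must be a decimal number") from None
    # is_finite() first: comparing NaN with <= would itself raise.
    if not price.is_finite() or price <= 0 or price > PRICE_MAX:
        raise ValidationError(f"price must be between 0.01 and {PRICE_MAX}")
    if price.as_tuple().exponent < -2:
        raise ValidationError("price may have at most two decimal places")
    return price.quantize(Decimal("0.01"))


def validate_product(form):
    """Validate the add-product form; returns cleaned values or raises ValidationError."""
    return {
        "name": _clean_text(form.get("name"), "name", NAME_MAX),
        "description": _clean_text(
            form.get("description", ""), "description", DESCRIPTION_MAX,
            min_len=0, single_line=False,
        ),
        "price": _clean_price(form.get("price", "")),
    }


def render_product_html(product):
    """Escape at output: stored text stays as typed but cannot become markup."""
    return (
        '<div class="product">'
        f"<h2>{html.escape(product['name'])}</h2>"
        f"<p>{html.escape(product['description'])}</p>"
        f'<span class="price">{product["price"]:.2f}</span>'
        "</div>"
    )
```

Validation rejects the request early with a specific error; escaping happens in the template layer, so the same stored string is safe wherever it is rendered as HTML text.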


3.4 Purchase product function

a) Why is it a vulnerability?

There are several vulnerabilities. The first is the lack of CSRF tokens, which allows attackers to trick authenticated users into performing unintended actions, such as unauthorized purchases.

The function is also insecurely designed: there is no validation that the session belongs to the user ID in the request, and no validation that the item is actually available. The SQLi and lack of input validation described above apply here as well.

b) What is the impact?

The impact of a CSRF attack can be unauthorized purchases and inventory and price manipulation.

c) What is the mitigation?

CSRF protection.
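Here is an added example (not the application's code) of a purchase handler that addresses the points raised above: a per-session anti-CSRF token checked in constant time, the buyer identity taken only from the server-side session (any `user_id` or price in the form is ignored), and an availability check before stock is decremented. The session class, inventory dictionary, and form field names are constructed assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Session:
    """Server-side session; its user_id is the only buyer identity trusted here."""
    user_id: int
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


class PurchaseError(Exception):
    pass


# Constructed inventory and order store; a real shop keeps these in the database.
INVENTORY = {
    101: {"name": "Mug", "price_cents": 1299, "stock": 2},
    102: {"name": "Poster", "price_cents": 1999, "stock": 0},
}
ORDERS = []
MAX_QUANTITY = 10


def csrf_input(session):
    """Hidden field to embed in the purchase form. token_urlsafe only yields
    [A-Za-z0-9_-], so the value needs no attribute escaping."""
    return f'<input type="hidden" name="csrf_token" value="{session.csrf_token}">'


def purchase(session, form):
    """Handle a POST of the purchase form; `form` is the parsed body as a dict."""
    # CSRF: the submitted token must equal the one bound to this session.
    submitted = form.get("csrf_token", "")
    if not isinstance(submitted, str) or not hmac.compare_digest(submitted, session.csrf_token):
        raise PurchaseError("missing or invalid CSRF token")

    # Product and quantity are the only client-controlled inputs; both are validated.
    try:
        product_id = int(form.get("product_id", ""))
        quantity = int(form.get("quantity", "1"))
    except (TypeError, ValueError):
        raise PurchaseError("product_id and quantity must be integers") from None
    if not 1 <= quantity <= MAX_QUANTITY:
        raise PurchaseError(f"quantity must be between 1 and {MAX_QUANTITY}")
    item = INVENTORY.get(product_id)
    if item is None:
        raise PurchaseError("unknown product")

    # Availability check before any state changes.
    if item["stock"] < quantity:
        raise PurchaseError("insufficient stock")

    # Buyer and price come from server-side state: a user_id or price field
    # in the form is never read, so it cannot redirect or reprice the order.
    item["stock"] -= quantity
    order = {
        "user_id": session.user_id,
        "product_id": product_id,
        "quantity": quantity,
        "total_cents": item["price_cents"] * quantity,
    }
    ORDERS.append(order)
    return order
```

The token is generated once per session and rendered into every state-changing form; a cross-site request cannot read it, so the handler rejects the request before touching inventory.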


3.5 Update Profile function

a) Why is it a vulnerability?

There are several vulnerabilities. IDOR (Insecure Direct Object Reference) allows updating another user's profile, and insecure deserialization allows remote code execution. XSS, SQLi, and the lack of input validation were already covered in previous points.

b) What is the impact?

The impact of IDOR is that a user can update other users' profiles. The deserialization code accepts raw serialized input, which allows remote code execution: an attacker can run arbitrary code on the server, access sensitive information, elevate to an admin user, and fully compromise and take over the system.

c) What is the mitigation?

The mitigation for insecure deserialization is to remove native object deserialization of untrusted input, use JSON instead, apply input validation, and HTML-escape output with StringEscapeUtils.
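The following added example (not the application's code) shows the remediated update-profile flow: the request body is parsed as JSON against an allow-list of fields and types, so the client can only supply data and never choose which classes are instantiated (the property that makes Java `ObjectInputStream` or Python `pickle` dangerous on untrusted input); the IDOR check ties the edited profile to the session user; and `html.escape` stands in for StringEscapeUtils at render time. The profile store and field list are constructed.

```python
import html
import json

# Constructed profile store keyed by user id.
PROFILES = {
    1: {"display_name": "alice", "bio": "Collects mugs"},
    2: {"display_name": "bob", "bio": ""},
}

# Allow-list of updatable fields: (expected type, min length, max length).
ALLOWED_FIELDS = {
    "display_name": (str, 1, 40),
    "bio": (str, 0, 500),
}


class ProfileError(Exception):
    pass


def parse_profile_update(raw):
    """Decode the body as JSON and keep only allow-listed, well-typed fields.

    A JSON parser can only produce dicts, lists, strings, numbers, booleans
    and null; unlike a native object stream it cannot run constructors or
    readObject-style hooks chosen by the sender.
    """
    try:
        data = json.loads(raw.decode("utf-8") if isinstance(raw, bytes) else raw)
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise ProfileError(f"body is not valid JSON: {exc}") from None
    if not isinstance(data, dict):
        raise ProfileError("body must be a JSON object")
    unknown = set(data) - set(ALLOWED_FIELDS)
    if unknown:
        raise ProfileError(f"unexpected fields: {sorted(unknown)}")
    clean = {}
    for key, (expected_type, min_len, max_len) in ALLOWED_FIELDS.items():
        if key not in data:
            continue
        value = data[key]
        if type(value) is not expected_type:
            raise ProfileError(f"{key} must be a {expected_type.__name__}")
        value = value.strip()
        if not min_len <= len(value) <= max_len:
            raise ProfileError(f"{key} must be {min_len}-{max_len} characters")
        clean[key] = value
    if not clean:
        raise ProfileError("no fields to update")
    return clean


def update_profile(session_user_id, target_user_id, raw):
    """IDOR check: the profile being edited must belong to the logged-in user."""
    if target_user_id != session_user_id:
        raise ProfileError("forbidden: cannot edit another user's profile")
    profile = PROFILES.get(session_user_id)
    if profile is None:
        raise ProfileError("no such profile")
    profile.update(parse_profile_update(raw))
    return dict(profile)


def render_profile_html(profile):
    """Escape at output so a bio like '<script>...' renders as text, not markup."""
    return (
        f"<h1>{html.escape(profile['display_name'])}</h1>"
        f"<p>{html.escape(profile['bio'])}</p>"
    )
```

Rejecting unknown fields matters as much as the type checks: it stops a client from smuggling in attributes such as a role flag that the deserializer would otherwise happily set.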


3.6 Leave Review function

a) Why is it a vulnerability?

There are several vulnerabilities, including missing authorization: any logged-in user can post a review on any product, even one they have not purchased. There is no rate limit, so users can spam reviews. XSS, SQLi, and the lack of input validation are already covered in previous points.

b) What is the impact?

The impact of missing authorization checks is unauthorized actions; any logged-in user can impersonate any other user. By allowing reviews without limits, attackers can flood the leaveReview endpoint with requests, causing resource exhaustion and disrupting the service.

c) What is the mitigation?

The mitigation involves enforcing authorization checks and implementing rate limiting.
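As an added example (not the application's code), the handler below enforces both mitigations: the review author is always the session user and must appear in the purchase history for that product, and a per-user sliding-window limiter bounds how many reviews can be posted per minute. The purchase set, review store, and limiter settings are constructed; `now` is injectable so the window behaviour can be checked without waiting.

```python
import time
from collections import defaultdict, deque

# Constructed purchase history as (user_id, product_id) pairs, and the review store.
PURCHASES = {(1, 101), (1, 102), (2, 101)}
REVIEWS = []

# Limiter settings: at most RATE_LIMIT reviews per user per WINDOW_SECONDS.
RATE_LIMIT = 3
WINDOW_SECONDS = 60.0
_recent_reviews = defaultdict(deque)

REVIEW_MAX_LEN = 1000


class ReviewError(Exception):
    pass


def allow_review(user_id, now=None):
    """Sliding-window check: drop timestamps older than the window, then count.

    Returns True and records the attempt if the user is under the limit.
    """
    now = time.monotonic() if now is None else now
    window = _recent_reviews[user_id]
    while window and now - window[0] >= WINDOW_SECONDS:
        window.popleft()
    if len(window) >= RATE_LIMIT:
        return False
    window.append(now)
    return True


def leave_review(session_user_id, product_id, text, now=None):
    """Post a review as the logged-in user; returns the stored review."""
    # Rate limit first, so rejected attempts still count against the caller.
    if not allow_review(session_user_id, now):
        raise ReviewError("too many reviews, try again later")
    # Authorization: the author is the session user, and they must have bought the item.
    if (session_user_id, product_id) not in PURCHASES:
        raise ReviewError("only buyers of this product can review it")
    if not isinstance(text, str) or not 1 <= len(text.strip()) <= REVIEW_MAX_LEN:
        raise ReviewError(f"review must be 1-{REVIEW_MAX_LEN} characters")
    review = {"user_id": session_user_id, "product_id": product_id, "text": text.strip()}
    REVIEWS.append(review)
    return review
```

In production the limiter state would live in a shared store such as Redis rather than a process-local dictionary, and the purchase lookup would be a parameterized query; the control flow stays the same.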



© 2023 by Carolina Steadham. All rights reserved.
