added one more time request payload to confirm test results

2025-11-01 00:17:25 +03:00 · 2010-12-17 07:53:58 +00:00 · 2010-12-17 07:53:58 +00:00 · 323af45ce4
commit 323af45ce4
parent e3fa3b0e8e
1 changed files with 7 additions and 3 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -341,10 +341,14 @@ def checkSqlInjection(place, parameter, value):
                        trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)

                        if trueResult:
-                            infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
-                            logger.info(infoMsg)
+                            # Confirm test's results
+                            trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)

-                            injectable = True
+                            if trueResult:
+                                infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
+                                logger.info(infoMsg)
+
+                                injectable = True

                        # Restore value of socket timeout
                        socket.setdefaulttimeout(popValue())