added one more time request payload to confirm test results

stamparm · stamparm · commit 323af45ce4c8 · 2010-12-17T07:53:58.000Z
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -341,10 +341,14 @@ def checkSqlInjection(place, parameter, value):
                         trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)
 
                         if trueResult:
-                            infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
-                            logger.info(infoMsg)
+                            # Confirm test's results
+                            trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)
 
-                            injectable = True
+                            if trueResult:
+                                infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
+                                logger.info(infoMsg)
+
+                                injectable = True
 
                         # Restore value of socket timeout
                         socket.setdefaulttimeout(popValue())
